Re: Security - Write to protected directory
Re: Security - Write to protected directory
- Subject: Re: Security - Write to protected directory
- From: Nick Zitzmann <email@hidden>
- Date: Thu, 2 Oct 2008 18:23:49 -0600
On Oct 2, 2008, at 1:30 PM, Kelly Graus wrote:
Is the only way to allow a user to write to a protected location use
the AuthorizationExecuteWithPrivileges function?
Yes. AEWP() is most certainly not deprecated.
If so, is there a way to tell when the application has quit, and get
the exit code?
Yes. (Hint: Look at the man page for the wait() function.)
Does using a setuid tool mess up the ability for a user to delete an
application, assuming the setuid tool is imbedded in an
application's bundle?
Tools that are set to run setuid root tend to be security holes
waiting to happen, unless they have an extremely good reason for
running as setuid root, and they've been time-tested, such as the ps
tool.
Nick Zitzmann
<http://www.chronosnet.com/>
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden