Re: Security - Write to protected directory
Re: Security - Write to protected directory
- Subject: Re: Security - Write to protected directory
- From: Kelly Graus <email@hidden>
- Date: Thu, 2 Oct 2008 22:46:01 -0600
On Oct 2, 2008, at 6:23 PM, Nick Zitzmann wrote:
On Oct 2, 2008, at 1:30 PM, Kelly Graus wrote:
Is the only way to allow a user to write to a protected location
use the AuthorizationExecuteWithPrivileges function?
Yes. AEWP() is most certainly not deprecated.
Ok, I will look into using that.
If so, is there a way to tell when the application has quit, and
get the exit code?
Yes. (Hint: Look at the man page for the wait() function.)
I looked at the wait function, I just couldn't figure out how to get
the pid of the started application. Is there a way to get the pid
without cooperation of the started application (ie, some sort of IPC
between the two applications). I'm very new coding for OS X (and Unix
based systems in general), so any details would be very appreciated!
Does using a setuid tool mess up the ability for a user to delete
an application, assuming the setuid tool is imbedded in an
application's bundle?
Tools that are set to run setuid root tend to be security holes
waiting to happen, unless they have an extremely good reason for
running as setuid root, and they've been time-tested, such as the ps
tool.
Yeah, I was hoping it wouldn't come to using setuid.
Thanks for your help!
Kelly
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden