• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Security - Write to protected directory
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security - Write to protected directory

  • Subject: Re: Security - Write to protected directory
  • From: Nick Zitzmann <email@hidden>
  • Date: Fri, 24 Oct 2008 17:35:51 -0600

On Oct 24, 2008, at 4:52 PM, Dragan Milić wrote:

Assume I created an archiving tool and a user wants to extract some files from an archive into a directory one hasn't got write permission for (e.g. /Applictions). Currently, the application shows alert sheet informing the user of "permission denied" error. But imagine that instead of that, a standard Mac OS X authentication dialog appears, asking for admin password in order to complete the operation (with prior explanation of why that is necessary). Of course, if the user is suspicious, he/she can click "Cancel", in which case the "permission denied" error would appear as intended.

Do you think this is a good idea?


Why not? Finder already does this if you try to copy something into a folder and you don't have write permission in that folder.

On the other (negative) side, I'm aware many people wouldn't trust giving admin password to my application,

Really? It's been my experience that, even with the additional requirement of entering a password, most users do not think critically about multiple choice alert panels. People tend to go onto auto-pilot and just click "OK" on all of them without reading or thinking about them. They're better than nothing, though.

some may think that I faked authentication panel,

This is a possibility, though highly unlikely. I have yet to see someone even try making a phishing panel on Mac OS X, and when it does happen, then you can expect a security update to fix it within a month.

some may wonder "why in the world do I need to enter admin password to extract files?!".

Again, this is not very likely to happen. Most users will just pass through, and the few that think about it will probably be technically inclined enough to know that the reason why it's asking is because they don't have permission.

And for the small percentage in between, it is possible to customize the title of the authorization panel, so you can explain it there if you wish.

Nick Zitzmann
<http://www.chronosnet.com/>

_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >Security - Write to protected directory (From: Kelly Graus <email@hidden>)


 >Re: Security - Write to protected directory (From: Bill Bumgarner <email@hidden>)


 >Re: Security - Write to protected directory (From: Jason Coco <email@hidden>)


 >Re: Security - Write to protected directory (From: Bill Bumgarner <email@hidden>)


 >Re: Security - Write to protected directory (From: Dragan Milić <email@hidden>)






    

  • Prev by Date:
Re: Security - Write to protected directory

    • 

  • Next by Date:
Re: NSImage/NSImageView opacity

    • 

  • Previous by thread:
Re: Security - Write to protected directory

    • 

  • Next by thread:
Re: Security - Write to protected directory

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •