Re: Security - Write to protected directory
Re: Security - Write to protected directory
- Subject: Re: Security - Write to protected directory
- From: Michael Nickerson <email@hidden>
- Date: Mon, 27 Oct 2008 00:07:17 -0400
On Oct 24, 2008, at 10:46 PM, Michael Ash wrote:
On Fri, Oct 24, 2008 at 8:46 PM, Tommy Nordgren
<email@hidden> wrote:
On 3 okt 2008, at 16.39, Michael Ash wrote:
...snip
Nope! AEWP is a rather broken API in more ways than one. One of the
ways that it's broken is that it is *impossible* to correctly use it
without a subprocess which will cooperate with you. The reason for
this is that you *must* use wait4 or waitpid to reap the zombie that
will be created when the subprocess terminates, but AEWP provides
*no*
way to get the pid. (You cannot use wait or wait3 because those
could
NOPE. As soon as the App terminates, any unreaped subprocess
will
become a child
of, and finally reaped by launchd
That's true, except it's bad form to leave zombies lying around when
your application has an unbounded lifetime, as basically every GUI
application does. It goes from bad to extremely bad if the
authorization process can be repeated an arbitrary number of times,
since you can build up an unlimited number of zombies that way. The
extreme difficulty of reaping the children left behind by AEWP is a
huge deficiency in the API.
You can always set things up to ignore child processes:
signal( SIGCHLD, SIG_IGN );
That way, if the children aren't specifically reaped they don't stay
around as zombies. Do note that the wait functions *do* still work if
you set that up, so this isn't going to mess anything up elsewhere
that is reaping a child.
--------------------------------------
Darkshadow
(aka Michael Nickerson)
http://www.nightproductions.net
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden