Re: Using the security framework
Re: Using the security framework
- Subject: Re: Using the security framework
- From: Joe Turner <email@hidden>
- Date: Sat, 24 Jan 2009 15:41:48 -0600
So, you are saying that I must create an install tool, that installs
my utility that will run as root?
On Jan 24, 2009, at 2:23 PM, Chris Hanson wrote:
The proper way to construct everything you've described is discussed
in the Authorization Services Programming Guide.
Authorization Services Programming Guide
http://developer.apple.com/documentation/Security/Conceptual/authorization_concepts/index.html
The current, most up-to-date and correct example of constructing an
application with a helper that performs privileged operations
securely on its behalf is "BetterAuthorizationSample" which replaces
the previous "MoreAuthSample" example code.
BetterAuthorizationSample
http://developer.apple.com/samplecode/BetterAuthorizationSample/index.html
It is critical to your users' security that you understand
everything presented in the above programming guide and example
before you attempt to write code that needs to run with elevated
privileges. You must not simply use
AuthorizationExecuteWithPrivileges to run arbitrary code or scripts
"as root." You must install your helper tool securely. There's a
lot to do if you want to run code with elevated privileges, and it
must be done correctly; the rationale for the design recommended by
the Programming Guide and BetterAuthorizationSample is documented in
"Design and Implementation Rationale.txt" within the example:
BetterAuthorizationSample - Design and Implementation Rationale
http://developer.apple.com/samplecode/BetterAuthorizationSample/listing4.html
Unfortunately, when it comes to system security there's no "I'm
just…" or "I simply want to…" All i's must be dotted and all t's
crossed, or you risk compromising your users' security. Fortunately
there's extensive documentation on how to manage the complexity
involved, and you can provide a decent user experience if you do the
cooking by the book.
-- Chris
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden