Re: Using the security framework
Re: Using the security framework
- Subject: Re: Using the security framework
- From: Chris Hanson <email@hidden>
- Date: Sat, 24 Jan 2009 15:08:34 -0800
On Jan 24, 2009, at 1:41 PM, Joe Turner wrote:
So, you are saying that I must create an install tool, that installs
my utility that will run as root?
I am saying that, in order to maintain your users' system security,
you must follow the guidance in the Authorization Services Programming
Guide and BetterAuthorizationSample example code when implementing
software that needs to run with elevated privileges.
Among other things, to be truly secure you must use a secure
installation mechanism. Do not write your own install tool — it can't
be made secure without itself being installed via a secure
installation mechanism. Instead, use Installer.app for your
installations since it's included with the operating system and not
modifiable with normal user privileges.
You can still ship your application as a drag-install; for example,
your application itself can include an installer package to do the
actual installation of the tool it uses and its launchd plist, and
open the package in Installer.app if the tool needs to be installed.
-- Chris
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden