Re: Using the security framework
Re: Using the security framework
- Subject: Re: Using the security framework
- From: Michael Ash <email@hidden>
- Date: Sun, 25 Jan 2009 10:21:32 -0500
On Sun, Jan 25, 2009 at 3:19 AM, Kyle Sluder <email@hidden> wrote:
> On Sat, Jan 24, 2009 at 9:29 PM, Michael Ash <email@hidden> wrote:
>> I'm afraid I don't understand this advice. Could you explain what sort
>> of vulnerability would exist in a custom install tool that would not
>> exist when using Installer.app to install a custom package?
>
> It's vulnerable to a timing flaw. In order to securely install a
> helper tool, the installation process must run as root. In order to
> securely install an installer that runs as root, the installer
> installer must run as root. In order to...
>
> Installer.app solves this problem because it's preconfigured to be
> secure. You can invoke it to do the privileged installation for you
> without opening yourself up to the possibility that in between copying
> the file and its later invocation that its contents have been changed.
Instead of opening yourself up to the possibility that the contents of
the installer binary have been changed, you open yourself up to the
possibility that the contents of the installer .pkg have been changed.
Doesn't seem any better to me.
Mike
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden