Re: Installer has admin permissions but installer plugins don't
Re: Installer has admin permissions but installer plugins don't
- Subject: Re: Installer has admin permissions but installer plugins don't
- From: Kyle Sluder <email@hidden>
- Date: Mon, 4 May 2009 17:05:48 -0400
On Sat, May 2, 2009 at 5:07 PM, Fritz Anderson <email@hidden> wrote:
> For most purposes, it's enough for the plugin to write what it has learned
> into /tmp, for one of the scripts to act on.
Do not use /tmp. Use NSTemporaryDirectory, which on Leopard is a
user-specific directory. Using /tmp opens up a class of security
vulnerabilities that might allow code execution in another user's
context.
Also, be very careful if you're trying to use temporary files to pass
data from a non-privileged to a privileged process. You might
introduce a race condition under which a malicious application could
escalate its privileges by overwriting the contents of the temporary
file between the non-privileged write and the privileged read.
--Kyle Sluder
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden