Re: authorization services
Re: authorization services
- Subject: Re: authorization services
- From: Todd Heberlein <email@hidden>
- Date: Mon, 14 Sep 2009 13:15:10 -0700
On Sep 14, 2009, at 12:57 PM, Mark Thomas wrote:
I was wondering if anybody could tell me if it's correct to use
authorizationExecuteWithPrivileges and wait() calls together, so the
parent process wait's until that new child process finishes.
Googling seems to imply this from the examples I've seen.
This is an indirect answer since I don't know the real one :-/ I
use the BetterAuthorizationSample (BAS) library, and my Cocoa process
is *not* the parent of the privileged process. I don't think this can
happen since I think it would break the UNIX model -- a process
escalating its privilege (other than executing a SUID, SGID file).
Rather, a launchd process already running as root executes my program
with the requested privileges and communication from my Cocoa program
to the privileged process is over a socket.
Using the BAS library, the function call does block until the
requested remote procedure call finishes (and you get the results from
the call in the response dictionary). But the privileged process can
actually live a while longer waiting for subsequent calls. If none
come after a certain amount of time, then it dies.
Todd
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden