Re: Authenticate NSFileManager Operations
Re: Authenticate NSFileManager Operations
- Subject: Re: Authenticate NSFileManager Operations
- From: Ken Thomases <email@hidden>
- Date: Wed, 5 May 2010 10:49:50 -0500
On May 5, 2010, at 10:32 AM, email@hidden wrote:
> I am using
>
> - (BOOL)copyItemAtPath:(NSString *)srcPath toPath:(NSString *)dstPatherror:(NSError **)error
>
> to copy a framework to /Library/Frameworks.
>
> But first I use
>
> - (BOOL)removeItemAtPath:(NSString *)path error:(NSError **)error
>
>
> On my system all is well.
It's not so much your system as the fact that you're logged into an administrator account.
> On a user system I get
>
> You do not have appropriate access privileges.
>
> On the remove step.
Indeed, a normal user account won't have permissions to modify stuff in /Library
> How does one invoke authentication for NSFileManager operations?
One does not. A central tenet of the Unix security model is that processes can not gain privileges, they can only reduce their privileges. So, privileged operations can only be performed by a process which started out with privileges and never gave them up.
In other words, you have to launch a separate process in a special way in order to perform privileged operations.
One technique is to use the "authopen" command, if it works for the purpose. Another technique is outlined in the BetterAuthorizationSample sample code:
http://developer.apple.com/mac/library/samplecode/BetterAuthorizationSample/Introduction/Intro.html
Cheers,
Ken
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden