Privileged file deletion using BetterAuthSample (factored application) : secure?
- Subject: Privileged file deletion using BetterAuthSample (factored application) : secure?
- From: Michaël Fortin <email@hidden>
- Date: Sat, 4 Sep 2010 08:06:40 -0400
Hi everyone, first mail here.
I am making a small app which needs to delete some files that require privileged access (log files that the user doesn't have permissions to modify).
Currently I am deleting files using NSTask with rm or srm.
I looked at the Security Services documentation and it seems to me that the "factored application" method is the most secure way to proceed with authentication to allow deletion of protected files. After further digging I found the BetterAuthSample code that (from what I've seen) is the recommended way to implement the factored application approach.
My question is as follows: Is the BAS approach secure in this particular context?
Let me explain my understanding of how BAS works and why I think it might be insecure in this case. Please correct me if I'm wrong.
My understanding is that the Helper Tool implements a protocol allowing it to respond to application commands. In my case I would have a command which takes a file path and secure deletion mode as input. This helper tool is installed in a privileged directory which grants the tool the right to perform privileged operations. *After the initial installation authentication, the tool is installed in the privileged folder and it always possesses the right to delete privileged files without further authentication.* So what that would mean is that any application could potentially pass a file and secure deletion mode and have it deleted.
I'm sure there's something wrong in that reasoning because it doesn't seem logical that any app could use the tool once it's installed, but by reading the documentation I'm not sure exactly if and how the helper tool makes sure it's only used by my application.
Thanks in advance for any clarification.
Regards,
Michaël Fortin
www.irradiated.net
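As an added illustration (not code from the original post, nor from BetterAuthSample), the input validation a privileged helper's delete command should apply before acting on a caller-supplied path, regardless of how the caller itself is authorized: the allow-listed directory, the mode names and the sample files are constructed for this example.

```python
import os
import stat
import tempfile

# Hypothetical allow-list compiled into the helper (an assumption for this
# example): the helper only ever deletes inside directories it was built for.
ALLOWED_ROOTS = ("/Library/Logs",)
MODES = ("normal", "secure")


def validate_delete_request(path, mode, allowed_roots=ALLOWED_ROOTS):
    """Return the canonical path to delete, or raise ValueError.

    The helper runs with root privileges, so the caller's string is untrusted
    input: check the mode, refuse symlinks and non-regular files, canonicalize,
    and confine the result to the allow-listed directories.
    """
    if mode not in MODES:
        raise ValueError("unknown deletion mode")
    if not os.path.isabs(path):
        raise ValueError("path must be absolute")
    try:
        st = os.lstat(path)          # lstat: do not follow a final symlink
    except OSError:
        raise ValueError("cannot stat path")
    if stat.S_ISLNK(st.st_mode):
        raise ValueError("refusing to operate on a symlink")
    if not stat.S_ISREG(st.st_mode):
        raise ValueError("only regular files may be deleted")
    real = os.path.realpath(path)    # resolves '..' and symlinked parents
    for root in allowed_roots:
        root_real = os.path.realpath(root)
        if os.path.commonpath([real, root_real]) == root_real:
            return real
    raise ValueError("path outside allowed directories")


def demo():
    """Exercise the checks against constructed temp directories; returns outcomes."""
    root, outside = tempfile.mkdtemp(), tempfile.mkdtemp()
    log = os.path.join(root, "app.log")
    open(log, "w").close()
    secret = os.path.join(outside, "secret.txt")
    open(secret, "w").close()
    link = os.path.join(root, "link")
    os.symlink(secret, link)      # symlink inside the allowed root, pointing out
    traversal = os.path.join(root, "..", os.path.basename(outside), "secret.txt")
    results = {"ok": validate_delete_request(log, "normal", (root,)) == os.path.realpath(log)}
    for name, p, m in (("traversal", traversal, "normal"), ("symlink", link, "normal"),
                       ("bad_mode", log, "shred")):
        try:
            validate_delete_request(p, m, (root,))
            results[name] = False
        except ValueError:
            results[name] = True
    return results
```

Between the check and the actual unlink there is still a race window; a helper that wants to close it would open the parent directory and unlink relative to that descriptor rather than re-resolving the string.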
Cocoa-dev mailing list (email@hidden)