Re: execute system("some script") on behalf of root from non-root app
- Subject: Re: execute system("some script") on behalf of root from non-root app
- From: eveningnick eveningnick <email@hidden>
- Date: Thu, 6 Jan 2011 18:01:50 +0200
> Executing arbitrary scripts as root is also a potentially major security hole. Your goal should be to do as little as possible as root (or other elevated privileges), and with as little flexibility as possible.
>
> Security is hard, and if you don't understand the issues, you should take a step back and learn them before attempting to work them. If you get them wrong, you've just exposed your customers to having their machine attacked.
Yes, this kind of application should be thought through thoroughly.
The biggest problem is the replacement of the helper tool - if it is
replaced, or an alias is created with the same name in the directory
of the calling application, for example, which is pointing to a malicious
app, that malicious process will be executed with root privileges
instead of a real helper tool which can do anything on the system,
remaining invisible. For conspiracy it can launch a genuine "helper
tool" after doing bad things. So when your application gets popular
(and bad guys find this security hole), it can be and most likely will
be exploited.
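
Added example, not part of the original post: a pre-launch check that rejects the replacement and link cases described in the message above by requiring an absolute path to a regular file that only one owner can modify, inside a directory with the same restriction. The name `helper_is_trusted` and its `owner` parameter are assumptions of this example (pass 0 to require root); it inspects only the file and its immediate parent directory.

```c
#define _POSIX_C_SOURCE 200809L
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* 1 if the object is owned by `owner` and not writable by group or others. */
static int owner_only(const struct stat *st, uid_t owner)
{
    return st->st_uid == owner && (st->st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* Hypothetical helper: returns 1 only if `path` is an absolute path to a
 * regular file (not a symlink) that passes owner_only(), located in a real
 * directory that also passes owner_only(). Returns 0 otherwise. */
int helper_is_trusted(const char *path, uid_t owner)
{
    struct stat st;
    char parent[PATH_MAX];

    if (path == NULL || path[0] != '/' || strlen(path) >= sizeof parent)
        return 0;               /* never resolve relative to the caller's cwd */
    if (lstat(path, &st) != 0 || !S_ISREG(st.st_mode) || !owner_only(&st, owner))
        return 0;               /* lstat() reports a symlink instead of following it */

    /* Derive the containing directory: a writable one allows a later swap. */
    strcpy(parent, path);
    char *slash = strrchr(parent, '/');
    if (slash == parent) slash[1] = '\0'; else *slash = '\0';
    if (lstat(parent, &st) != 0 || !S_ISDIR(st.st_mode) || !owner_only(&st, owner))
        return 0;
    return 1;
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s /absolute/path/to/helper\n", argv[0]);
        return 2;
    }
    int ok = helper_is_trusted(argv[1], 0);   /* 0: helper must belong to root */
    printf("%s: %s\n", argv[1], ok ? "ok to launch" : "refusing to launch");
    return ok ? 0 : 1;
}
```

A path-based check like this is only as strong as the directories above the helper: every ancestor directory needs the same ownership and permission restrictions, otherwise the file can be swapped between the check and the launch.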