• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Launching an app with extended rights
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Launching an app with extended rights

  • Subject: Re: Launching an app with extended rights
  • From: Kyle Sluder <email@hidden>
  • Date: Sun, 18 Sep 2011 16:25:56 -0700
The modern way is to use SMJobBless. ;-)

Apple is discouraging people from using AuthorizationExecuteWithPrivileges directly. Your scenario sounds like the perfect use case for launchd.

--Kyle Sluder
(Sent from the road)

On Sep 18, 2011, at 2:27 PM, Tito Ciuro <email@hidden> wrote:

> Hi Kyle,
>
> This is exactly what I've done, except that I'm not using SMJobBless.
>
> -- Tito
>
> On Sep 18, 2011, at 2:08 PM, Kyle Sluder wrote:
>
>> The modern way to do this is to split the server portion into a separate process and use SMJobBless to submit it as a privileged launchd task.
>>
>> --Kyle Sluder
>> (Sent from the road)
>>
>> On Sep 18, 2011, at 9:05 AM, Tito Ciuro <email@hidden> wrote:
>>
>>> Hello,
>>>
>>> When my app launches, I'd like it to listen to port 80 or 443. To do that, I believe I need to use Security Framework Authorization API to obtain extended rights. A potential solution is to split the app's executable int two parts:
>>>
>>> 1) one executable, the main one that first gets launched, obtains extended rights.
>>> 2) the app itself, which is the embedded web server.
>>>
>>> When the user double clicks the app, it would execute (1) with:
>>>
>>>  SFAuthorization *authorization = [SFAuthorization authorization];
>>>  BOOL result = [authorization obtainWithRights:NULL
>>>                                          flags:kAuthorizationFlagExtendRights
>>>                                    environment:NULL
>>>                               authorizedRights:NULL
>>>                                          error:&error];
>>>
>>> and then use NSTask to launch (2) via:
>>>
>>> + (NSString *)stringByLaunchingPath:(NSString *)processPath
>>>  withArguments:(NSArray *)arguments
>>>  authorization:(SFAuthorization *)authorization
>>>  error:(NSError **)error;
>>>
>>> Is this approach the way to go, or is there an easier/better/safer way do to that?
>>>
>>> Thank you,
>>>
>>> -- Tito
>>> _______________________________________________
>>>
>>> Cocoa-dev mailing list (email@hidden)
>>>
>>> Please do not post admin requests or moderator comments to the list.
>>> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>>>
>>> Help/Unsubscribe/Update your Subscription:
>>>
>>> This email sent to email@hidden
>
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Launching an app with extended rights
      • From: Tito Ciuro <email@hidden>
References: 
 >Launching an app with extended rights (From: Tito Ciuro <email@hidden>)
 >Re: Launching an app with extended rights (From: Kyle Sluder <email@hidden>)
 >Re: Launching an app with extended rights (From: Tito Ciuro <email@hidden>)

  • Prev by Date: Re: Launching an app with extended rights
  • Next by Date: Canceling text-completion
  • Previous by thread: Re: Launching an app with extended rights
  • Next by thread: Re: Launching an app with extended rights
  • Index(es):
    • Date
    • Thread