Re: Kernel NKE projects user space daemon.
Re: Kernel NKE projects user space daemon.
- Subject: Re: Kernel NKE projects user space daemon.
- From: Mike Smith <email@hidden>
- Date: Tue, 3 Jan 2006 11:15:01 -0800
On Jan 3, 2006, at 8:31 AM, matt jaffa wrote:
I have a NKE project that needs a user space daemon to be running
to get information back from the user.
I have this working and everything, and have a daemon launched for
each individual user that runs the program.
I have my user space daemon with these privileges, 4755, which
means the setuid bit is set for my daemon executable so that it can
elevate itself to perform a process id lookup. My question is what
does Apple/Security feel about my application having the setuid bit
set?
Matt,
Firstly, many thanks for picking a sensible architecture for your
application.
I'm a little confused about "perform a process id lookup" though.
What are you trying to do, and what specific interface(s) are you
using that require privilege?
As a general rule, having your daemon run setuid inside the user's
environment is discouraged.
= Mike
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden