Re: Executing an application
Re: Executing an application
- Subject: Re: Executing an application
- From: "mm w" <email@hidden>
- Date: Sun, 12 Oct 2008 00:44:13 -0700
yep it's fairly right, but there are
some threads on this question elsewhere
On Sat, Oct 11, 2008 at 9:23 PM, Todd Heberlein <email@hidden> wrote:
>> Double-clicking an app will cause lauchd to fork and start the process.
>> One Leopard posix_spawn is used to start the new process. E.g.
>
> Looking at the launchd source code, it looks like it sets the appropriate
> audit mask *before* calling posix_spawn().
>
> So is it possible that posix_spawn() doesn't create an audit record? This
> seems challenging... there may be no way to identify in the audit trail the
> name of a program started with launchd (?). This will make security auditing
> difficult.
>
> Todd
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Darwin-kernel mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
>
--
-mmw
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden