Re: Use of /private
Re: Use of /private
- Subject: Re: Use of /private
- From: Todd Heberlein <email@hidden>
- Date: Mon, 14 Mar 2011 10:15:20 -0700
On Mar 14, 2011, at 9:58 AM, Shantonu Sen wrote:
> Are you saying this is a regression from Leopard or a previous release?
Auditing was broken on Leopard (and I think the previous release).
I'm just diving into more details about what the audit trail generates, and this week I was setting up a set of directory prefixes for which I want to be notified if their contents are modified, namely those directories that effect the integrity/security of the system. I hope there is a relatively small set of programs that should modify these. For example, I noticed last week when the software updater updated iTunes, a program called "shove" did the actual modification to the application.
Is there already a well-known set of directory prefixes whose contents should not be modified except through a well-known set of programs?
> /private has always existed on Mac OS X, and is a vestige of network rooting support from NeXTSTEP.
For some reason I thought it might be associated with a trend towards sandboxing where each application would get its own virtual or real copy of the system files, so if one program went rogue and modified the system, it wouldn't affect the other programs. I guess I was thinking too hard.
Todd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden