• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: creating alias during installation
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: creating alias during installation

  • Subject: Re: creating alias during installation
  • From: Bill Coderre <email@hidden>
  • Date: Wed, 14 Feb 2007 14:00:01 -0800

On Feb 14, 2007, at 6:18 AM, John Daniel wrote:
On Feb 14, 2007, at 12:17 AM, Bill Coderre wrote:
So it's incorrect to have a "no authenticate" installer install into any location that a user might not be able to write to. If the user is non-admin, almost the only place that they CAN write is their home directory. (Almost)

The Installer is not enforcing this. Unix is.

Yes, I know. The only "officially correct" way to install an application (using PackageMaker) is to force the user to authenticate. But once someone authenticates, they give the installer complete access to their machine - Applications, /System, Startup Items, kernel, everything. Does my little shareware app need that? Clearly not.

I agree: it would be great to have some kind of security where things could mess with /Applications but not /System.

The problem is, 99.9% of Macs don't have a user with that combo of privs. They have an admin login, which has "wheel," and MAYBE they have a regular user that has nothing. What will the user supply for a login/password that will have the right combo? If they supply a root- capable password, then what happens when a rogue installer replaces the binary?

So yeah, I agree. It would be great to have, but it's a larger problem than just Installer.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >Re: creating alias during installation (From: email@hidden)
 >Re: creating alias during installation (From: John Daniel <email@hidden>)
 >Re: creating alias during installation (From: Luke Bellandi <email@hidden>)
 >Re: creating alias during installation (From: John Daniel <email@hidden>)
 >Re: creating alias during installation (From: Bill Coderre <email@hidden>)
 >Re: creating alias during installation (From: John Daniel <email@hidden>)

  • Prev by Date: Re: creating alias during installation
  • Next by Date: Can we use applescript in packagemaker as postflight script?
  • Previous by thread: Re: creating alias during installation
  • Next by thread: Problems with Metapackages/Packages logging messages to the console in Panther...
  • Index(es):
    • Date
    • Thread