site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com http://developer.apple.com/documentation/Security/Conceptual/authorization_c... Le 24 juin 08 à 12:32, Stéphane a écrit : _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/devlists%40shadowlab.org This email sent to devlists@shadowlab.org _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... This email sent to site_archiver@lists.apple.com There is no administration privileges from a Mac OS X point of view. Each privileged task has its own rules defined in /etc/authorization See "Performing Privileged Operations With Authorization Services" for details about Mac OS X authorization policy. What's the official way to detect a user has administration privileges (from a Mac OS X point of view)? OpenDirectory (how?) or does the fact that the user belongs to group admin is enough (with the exception of root)? smime.p7s