site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com Is the right thing to make the app setuid root and do seteuid()? This is (currently) a command line application. I suspect I should ultimately add a UI and have it pop up a window asking for authentication... (but I'm trying to avoid a UI for now) Brad, _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... This email sent to site_archiver@lists.apple.com On Oct 27, 2008, at 11:11 AM, Brad Parker wrote: If I have a app which wants to open a "privileged" socket (AF_NDRV) for direct ethernet access, We're strongly (and I do mean strongly) trying to move people off of setuid binaries. If it's a command line application, you can just require that the user run it as root or with sudo if performing actions that require access to this privileged port. -- Damien Sorresso BSD Engineering Apple Inc. smime.p7s