site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com On Jan 3, 2006, at 12:40 PM, Brian Bergstrand wrote: On Jan 3, 2006, at 8:31 AM, matt jaffa wrote: = Mike _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... I have a NKE project that needs a user space daemon to be running to get information back from the user. I have this working and everything, and have a daemon launched for each individual user that runs the program. I have my user space daemon with these privileges, 4755, which means the setuid bit is set for my daemon executable so that it can elevate itself to perform a process id lookup. My question is what does Apple/Security feel about my application having the setuid bit set? I'm a little confused about "perform a process id lookup" though. What are you trying to do, and what specific interface(s) are you using that require privilege? I think he means that KERN_PROCARGS returns an error when you try to get info about processes running with a different uid than the calling application (unless you are root). In my case I only care about the full exec path and not the program args. You should not depend on any path information associated with a running process. However, KERN_PROC_PID can be used to get the process struct of any process from a non-root app and the kp_proc.p_comm member will give you a limited name (16 bytes and not the full path). The full path is very useful for use as an arg to LSCopyDisplayNameForURL(), but pcomm suffices as a fall back. Is there some other way for a non-root process to get the full exec path of any other process (including root owned)? No. In addition, there is no guarantee that the path is correct, that the file that is present at that path is the one being executed, that the path is acccessible or even valid for your context, or that there even was a path to begin with. Any information you get from p_comm or the KERN_PROCARGS sysctl is purely informative, and you should not depend on it in any fashion whatsoever. If you need a guaranteed association between running processes and filesystem identities you need to look at a higher level, and accept that there are processes and tasks which will fall outside the scope of the information available at that level. This email sent to site_archiver@lists.apple.com