RE: Authorization in an Installer plugin
site_archiver@lists.apple.com Delivered-To: installer-dev@lists.apple.com Thread-index: AcotiEd9HR6AZ1ugSe6FmnJslAjW8AvrSkig Thread-topic: Authorization in an Installer plugin Hi, I'm currently looking into doing something similar to this... Did you locate any useful documentation, or find that AuthorizationCreateFromExternalForm was the best way to do it? Kind Regards, Dave -----Original Message----- From: installer-dev-bounces+david.glover=prometheanworld.com@lists.apple.com [mailto:installer-dev-bounces+david.glover=prometheanworld.com@lists.app le.com] On Behalf Of Erik Larsson Sent: 04 September 2009 18:49 To: Greg Neagle Cc: installer-dev@lists.apple.com Subject: Re: Authorization in an Installer plugin Hi Greg, That's a possible solution, yes. Thanks for the suggestion... I didn't think about that. However, I have been so naughty as to peek into the object code of those installer plugins that magically seem to get authorized and found references to AuthorizationCreateFromExternalForm, and I thought that maybe there's something poorly documented about the Install procedure that they are making use of. Like a lingering AuthorizationRef from the first time the user authorized that you could somehow get hold of... - Erik Greg Neagle wrote:
Since postflight/upgrade/install scripts run with privileges (assuming
the package requires RootAuthorization), couldn't you just have your plugin write the data some place world-writable (like /tmp) and then have the postflight script read that and write to the system-wide prefs file?
-Greg
On Sep 4, 2009, at 7:17 AM, Erik Larsson wrote:
Hi,
I'm writing an Installer plugin which needs to perform a privileged operation (writing to a system-wide preference file), and I'm wondering how I can reuse the authorization already made when installing the files. I have witnessed many installer plugins that execute after the file copy stage that make changes to otherwise protected files without requiring the user to re-authenticate, but I cannot understand how they do it.
Currently, I create a new Authorization reference and have the user authenticate, which means the user will have to type its password in a new authentication dialog, before calling a helper tool with AuthorizationExecuteWithPrivileges to carry out the actual operation. I would really like to avoid having the user type its credentials in two dialogs in a row (first for copying files, second for writing to the preference file).
Any hints would be welcome...
Regards,
- Erik
P.S. I sent the previous email from the wrong address. Blame Thunderbird.
_______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/installer-dev/greg.neagle%40disne yanimation.com
This email sent to greg.neagle@disneyanimation.com
_______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/installer-dev/david.glover%40prom etheanworld.com This email sent to david.glover@prometheanworld.com Promethean Limited is a company registered in England and Wales with company number 1308938 and VAT number GB 572 2599 18 ______________________________________________ Promethean Ltd and or associated and or subsidiary companies : The views expressed in this communication may not necessarily be the views held by Promethean Ltd and or associated and or subsidiary companies. This e-mail is for the exclusive use of the addressee(s). Unauthorised disclosure, copying or distribution is prohibited. This e-mail message has been swept for the presence of computer viruses. Promethean Ltd and or associated and or subsidiary companies accepts no liability for any loss resulting from this email transmission. Promethean, Promethean House, Lower Philips Road, Blackburn, Lancashire, BB1 5TH, UK. Please update your records accordingly. Thank you! _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/installer-dev/site_archiver%40lists.a... This email sent to site_archiver@lists.apple.com
participants (1)
-
Glover,David