site_archiver@lists.apple.com Delivered-To: installer-dev@lists.apple.com On Feb 14, 2007, at 12:17 AM, Bill Coderre wrote: John _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/installer-dev/site_archiver%40lists.a... So it's incorrect to have a "no authenticate" installer install into any location that a user might not be able to write to. If the user is non-admin, almost the only place that they CAN write is their home directory. (Almost) The Installer is not enforcing this. Unix is. Yes, I know. The only "officially correct" way to install an application (using PackageMaker) is to force the user to authenticate. But once someone authenticates, they give the installer complete access to their machine - Applications, /System, Startup Items, kernel, everything. Does my little shareware app need that? Clearly not. So, I am going to investigate creating an "incorrect" installer that uses a preflight script to test for the ability to install into / Applications. Just because it is officially "incorrect" doesn't mean it might not be the best option:) I am a little worried about depending on a preflight script, but only because the scripts in my "official" admin-authorized installer don't always work. But with this method, I might even have a chance to tell a user why the install failed. I know I definitely need more error handling and recovery in my scripts in any case. This email sent to site_archiver@lists.apple.com