site_archiver@lists.apple.com Delivered-To: installer-dev@lists.apple.com Thread-index: AcX2tmptqMLHsmKpEdqqawAKlaBZUA== Thread-topic: Admin vs Root Authorization User-agent: Microsoft-Entourage/11.2.1.051004

It's tough, because if we lock down the system more, users are asked for a password more often, which makes the system less secure in the long run.

Yeah, I don't envy Apple on this one--it's a tough, tough problem to address--the remedy is a lose/lose. Unfortunately, for windows, they're exhibit A of how bad things can get (many apps these days require admin to install *and* run). A very tough problem indeed, and an even tougher one to pull out of once you're in it as I'm sure Redmond is painfully aware.

We really depend on developers like yourself making the right decisions here, using 'admin' or 'root' authentication in the installer only when you really need it, and using the correct one of 'admin' vs 'root' depending on whether it's something the user should be strongly alerted to.

Perhaps a direction to consider for big-picture mac os authentication changes is the fact that most pkgs only want admin access in order to copy over their app(s) to the common Applications folder. I realize that ideally, it's nice to have the user drag over an app from the img to wherever they like, but in situations where you have a suite of apps, this doesn't work as well. Our situation is that we need to copy a folder to the user's Application Support folder, so if we were to go with the user-drag approach, when they opened our img, they'd see three items: App 1.app App 2.app App Support.pkg Suddenly, to the novice user, there's a couple steps needed to install the software. And those steps are perhaps written in a readme, which makes a 4th item (and requires a user to read them). Finally, in our case, our pkg uses an "Installation Files" alongside our pkg (by popular request from power users that refuse to use installers that require admin access that shouldn't). Now we have: App 1.app App 2.app App Support.pkg Installation Files Readme So, our poor novice user may get a little overwhelmed (or annoyed) that the installation process has become something they actively need to engage in. So, back to my initial suggestion, a pkg getting write access to the common apps folder (and only that access) would seem to be a useful access level/flag to have (and the user auth prompt could reflect this lower access level). With this, our img would now only need to contain 2 items: Installer.pkg Installation Files (now also contains the .apps that are moved to the Applications folder). And, most importantly, the pkg would not require admin auth, just the special-access level auth that I described above. I just came up w/ the above idea off the cuff, so if it's got holes/problems, you need'd reply--just something to think about. Andy _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/installer-dev/site_archiver%40lists.a... This email sent to site_archiver@lists.apple.com