Re: Security Info
Re: Security Info
- Subject: Re: Security Info
- From: <email@hidden>
- Date: Wed, 09 Oct 2002 11:47:44 +0100
- Organization: Coderus Ltd
Hi,
Merged the 2 replies,
<snip> Quinn comment
>
The backend associated with System Preferences is not public because
>
its design is intimately tied in with the design of System
>
Preferences itself; it was never meant to be an API.
</snip>
<snip> Alan comment
>
Calling fork/exec of the "scselect" command is certainly quick. It
>
also alleviates the need to write a setUID application/helper. Of
>
course, having the command isn't the answer for everyone. Some would
>
prefer a programmatic API and my hopes are provide something at some
>
later date in time.
</snip>
My rational is that everybody, keep on commenting that I will need to make
"setUID application/helper", bullet proof and then combined with the issues
of the finder problems with this. Its seems to me that we are all writing
similar code.
So my thoughts are there should be API (similar to the MoreSCF, which
would do the Authorize calls and communicate with the helper, open source
even) which which could be used in conjunction with an Apple produced
"setUID application/helper" at least then there is a single point of
failure/security.
As basically anyone who write one of these "setUID application/helper",
could easily hack any ones machine, as we have root access now. I know that
sometimes developers will need root access to do whatever we need, but I
think Apple should limit the reasons developers need root access.
Mark.
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.