Re: Understanding MoreSecurity and MoreAuthSample
Re: Understanding MoreSecurity and MoreAuthSample
- Subject: Re: Understanding MoreSecurity and MoreAuthSample
- From: Quinn <email@hidden>
- Date: Thu, 18 Sep 2003 22:50:55 +0100
At 17:27 -0400 11/9/03, Peter Sichel wrote:
The above is speculation on my part. Apple needs to provide a clear
and unambiguous security model to developers if it wishes to avoid a
hodge podge of half baked measures.
The current AEWP model was designed as a temporary measure during the
Mac OS X 10.0 era to enable installers and such. It was never meant
as a long term correct solution. As you've noted, it has a variety
of problems.
The bug report that's tracking the replacement for AEWP is
<rdar://problem/3093666>.
MacNetworkProg is not a good place to look for a rationale for the
design of MoreAuthSample. While I wrote MoreAuthSample, it's design
is entirely based on AuthSample, which was written by Apple's
security team. Most of that team don't hang out on the
MacNetworkProg list. Rather, they hang out, and answer questions, on
the Apple CDSA mailing list.
<
http://www.lists.apple.com/apple-cdsa>
You might try asking your questions there.
S+E
--
Quinn "The Eskimo!" <
http://www.apple.com/developer/>
Apple Developer Technical Support * Networking, Communications, Hardware
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.