Re: what's with the admin privilege business
Re: what's with the admin privilege business
- Subject: Re: what's with the admin privilege business
- From: Jens Alfke <email@hidden>
- Date: Tue, 26 Jan 2010 09:15:18 -0800
On Jan 25, 2010, at 8:27 PM, David Penton wrote:
Standard user accounts are be asked to authorize developer
privileges with either an admin or developer group user and password
once per log-in session when debugging or using the performance tools.
What the heck is this about? Will it go away soon? It just seems
wrong to me. I do nearly everything on my machine from a non-
privileged account out of an excess of caution.
Caution is exactly the point — all of these tools snoop on (or alter)
the memory or activities of other processes. The system calls they use
are only available to processes with admin privileges, because they
can be misused by malware.
For example, sweeping through Safari's or Mail's address space looking
for strings will probably turn up passwords. There are apps like The
Cheat that that make messing with other apps easy; my son uses them to
hack Spore so he can create "impossible" creatures.
—Jens _______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden