• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: what's with the admin privilege business
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: what's with the admin privilege business

  • Subject: Re: what's with the admin privilege business
  • From: David Penton <email@hidden>
  • Date: Tue, 26 Jan 2010 19:32:59 -0500
On 2010-01-26, at 12:15 PM, Jens Alfke wrote:

>
> On Jan 25, 2010, at 8:27 PM, David Penton wrote:
>
>> Standard user accounts are be asked to authorize developer privileges with either an admin or developer group user and password once per log-in session when debugging or using the performance tools.
>>
>> What the heck is this about? Will it go away soon? It just seems wrong to me. I do nearly everything on  my machine from a non-privileged account out of an excess of caution.
>
> Caution is exactly the point — all of these tools snoop on (or alter) the memory or activities of other processes. The system calls they use are only available to processes with admin privileges, because they can be misused by malware.
>
> For example, sweeping through Safari's or Mail's address space looking for strings will probably turn up passwords. There are apps like The Cheat that that make messing with other apps easy; my son uses them to hack Spore so he can create "impossible" creatures.
>
> —Jens

Well, that's interesting. Live and learn, as they say.

I am certainly not at all well-versed in OS X architecture or development. In particular I know nothing about OS X security. So forgive my ignorance in asking the following.

Why is it that a development tool should need to access resources other than "my own", i.e. memory, processes etc. belonging to the logged-in user? Is it xcode per se that needs such access, or (potentially) the app being developed? I did application development on a variety of unix platforms in the 90's without ever requiring enhanced privileges.

Perhaps there is an OS X document that I should read about this.

Best,

- Dave - _______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: what's with the admin privilege business
      • From: Jens Alfke <email@hidden>
References: 
 >what's with the admin privilege business (From: David Penton <email@hidden>)
 >Re: what's with the admin privilege business (From: Jens Alfke <email@hidden>)

  • Prev by Date: Xcode won't help debug anymore
  • Next by Date: Re: Xcode won't help debug anymore
  • Previous by thread: Re: what's with the admin privilege business
  • Next by thread: Re: what's with the admin privilege business
  • Index(es):
    • Date
    • Thread