On Dec 5, 2007, at 9:51 AM, Quinn wrote:
At 9:31 -0800 5/12/07, Nathan Duran wrote:
I'm afraid I don't understand what is meant by the term "external form" here. Are you suggesting that the authorization API be used to prevent rogue applications from utilizing the IPC services vended by the daemon?
For a concrete illustration of this, check out the recently released BetterAuthorizationSample.
<http://developer.apple.com/samplecode/BetterAuthorizationSample/index.html>
Share and Enjoy
I finally had a chance to sit down and look over this, and while I think it may be a great approach for an application which needs to perform certain tasks as root on an ongoing basis, I don't think it's a privileged operations panacea, however secure it may be. In particular, it strikes me as overkill to litter /Library and /var with support files and dance around with complicated launchd IPC maneuvers at times when all I need to do is create a keychain item or install a trusted root certificate as part of a larger software installation. Things like this are usually run once before they're thrown away, and since something's going to have to ask for permission to write all those root-owned plists out anyway, might as well get it over with right then and there the old-fashioned AEWP/setuid way.

Cool stuff, but I unfortunately can't replace any of the helper tools I've got with it. The asl_log() thing sounds interesting, though. What list should I complain about the lack of documentation/evangelization for that on? I didn't even know it existed.