[launchd-dev] UserName ignored on per-user LaunchAgents
Nathan Duran
launchd at khiltd.com
Wed Dec 5 09:31:02 PST 2007
On Dec 5, 2007, at 12:48 AM, Kevin Van Vechten wrote:
> With launchd, it's now possible to get rid of the setuid binary
> (which avoids a whole class of potential privilege escalation
> vulnerabilities) and replace it with a LaunchDaemon that executes in
> a privileged context. The Cocoa application can send an IPC message
> to the Daemon, and the daemon can perform the privileged operation
> (Authorization API can still be used to create an "external form"
> that can be validated across the IPC channel).
I'm afraid I don't understand what is meant by the term "external
form" here. Are you suggesting that the authorization API be used to
prevent rogue applications from utilizing the IPC services vended by
the daemon?
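The "external form" named in the quoted message, shown as an added example that is not part of the original thread or of any project's code: the application flattens its `AuthorizationRef` into an `AuthorizationExternalForm`, sends those bytes over the IPC channel, and the daemon rebuilds the reference and checks a right before doing privileged work. The right name and the `Example*` function names are hypothetical, and the IPC transport itself is left out.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Authorization.h>

// Hypothetical right name (assumption); a real helper defines its own right.
static const char *kExampleRight = "com.example.helper.privileged-op";

// Application side: create an authorization reference and flatten it into the
// fixed-size external form that can travel in an IPC message. The caller keeps
// *outAuth alive until the daemon has replied, then releases it with
// AuthorizationFree().
NSData *ExampleMakeExternalForm(AuthorizationRef *outAuth) {
    AuthorizationRef auth = NULL;
    if (AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment,
                            kAuthorizationFlagDefaults, &auth) != errAuthorizationSuccess)
        return nil;
    AuthorizationExternalForm ext;
    if (AuthorizationMakeExternalForm(auth, &ext) != errAuthorizationSuccess) {
        AuthorizationFree(auth, kAuthorizationFlagDefaults);
        return nil;
    }
    *outAuth = auth;
    return [NSData dataWithBytes:&ext length:sizeof(ext)];
}

// Daemon side: treat the received bytes as untrusted, rebuild the reference,
// and ask the Security Server whether the sender holds the right. Only a
// success result permits the privileged operation.
BOOL ExampleDaemonAuthorize(NSData *wire) {
    if ([wire length] != sizeof(AuthorizationExternalForm))
        return NO;                       // malformed message, reject
    AuthorizationExternalForm ext;
    [wire getBytes:&ext length:sizeof(ext)];

    AuthorizationRef auth = NULL;
    if (AuthorizationCreateFromExternalForm(&ext, &auth) != errAuthorizationSuccess)
        return NO;                       // not a valid authorization session

    AuthorizationItem item = { kExampleRight, 0, NULL, 0 };
    AuthorizationRights rights = { 1, &item };
    OSStatus st = AuthorizationCopyRights(auth, &rights, kAuthorizationEmptyEnvironment,
                                          kAuthorizationFlagExtendRights |
                                          kAuthorizationFlagInteractionAllowed, NULL);
    AuthorizationFree(auth, kAuthorizationFlagDefaults);
    return st == errAuthorizationSuccess;
}
```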