[launchd-dev] UserName ignored on per-user LaunchAgents

[Nathan Duran]

On Dec 5, 2007, at 2:50 PM, Kevin Van Vechten wrote:

> Absolutely.  Helper tools require a setuid executable bit to be set;  
> they're also inherently less secure -- every environment variable  
> used by every library linked against is a potential source of  
> attack.  Launch-on-demand helpers start from a clean environment,  
> avoiding this class of vulnerabilities.

I get that, but I'm talking about what the user sees on their screen,  
not the under-the-hood stuff they know nothing about.