[launchd-dev] Privilege separation and crash resistance

Quinn eskimo1 at apple.com
Wed Oct 7 03:53:01 PDT 2009

At 12:08 +0200 7/10/09, Thomas Clement wrote:
>This seems to be incompatible with the idea of launching the agent 
>on-demand (not keeping it alive all the time).

Indeed.  launchd is not really structured to support that.  Services 
are pulled in from top to bottom.  The user logs in, which pulls in 
an agent, which pulls in the daemon.  Going the other way is tricky, 
and generally not recommended.

The typical solution to this problem is to have a lightweight agent 
that's always running that connects up to the daemon and launches any 
requested heavyweight agents in response to requests from the daemon. 
This is exactly the <x-man-page://8/UserEventAgent> is all about. 
Unfortunately, at least for you, the UserEventAgent plug-in mechanism 
is not public.

Quinn "The Eskimo!"                    <http://www.apple.com/developer/>
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

More information about the launchd-dev mailing list