[launchd-dev] Starting/Stoping Apache HTTPD outside System Preferences

Quinn "The Eskimo!" eskimo1 at apple.com
Wed Mar 30 01:51:22 PDT 2011 

On 29 Mar 2011, at 19:35, Luke Scott wrote:

> Because of this key System Preferences can start/stop the service without being root.

You're starting from a false assumption here.  System Preferences has a privileged helper tool that it talks to (via IPC) in order to do any privileged operations.  That tool then protects those operations using Authorization Services.  The Sharing panel lets you start and stop Web Sharing without a password because the admin credentials you supplied when you logged in satisfies the "system.preferences" authorisation right.  If you log in as a non-admin user, that's not the case, and you must supply a password to acquire the right to start and stop Web Sharing.  Similarly, if you click the lock icon at the bottom of System Preferences, we destroy your admin credential and thus you must supply it to make changes like this.

The infrastructure for doing this is available to third party developers:

o Authorization Services is a public API.  You can use it to create custom authorisation rights and to acquire those rights.

<http://developer.apple.com/library/mac/#documentation/Security/Conceptual/authorization_concepts/01introduction/introduction.html%23//apple_ref/doc/uid/TP30000995>

<http://developer.apple.com/library/mac/#technotes/tn2095/_index.html%23//apple_ref/doc/uid/DTS10003110>

<http://developer.apple.com/library/mac/#qa/qa2001/qa1277.html%23//apple_ref/doc/uid/DTS10002309>

o The System Preferences helper tool is just a launchd daemon, so you can create your own.  BetterAuthorizationSample shows how to do this, and provides a bunch of reusable infrastructure.

<http://developer.apple.com/library/mac/#samplecode/BetterAuthorizationSample/Introduction/Intro.html%23//apple_ref/doc/uid/DTS10004207>

o If you can rely on Mac OS X 10.6 or later, you can use the Service Management framework (specifically SMJobBless) to make installing your launchd daemon easier.

o If you want to implement the lock icon, SFAuthorizationView makes that easy.

<http://developer.apple.com/library/mac/#documentation/Security/Reference/SecurityInterfaceFramework/Classes/SFAuthorizationView_Class/Reference/Reference.html%23//apple_ref/doc/uid/TP40003980>

S+E
--
Quinn "The Eskimo!"                    <http://www.apple.com/developer/>
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

More information about the launchd-dev mailing list