On Saturday, February 8, 2014, David Delmonte <ddelmo...@mac.com> wrote:
> Good advice. Thanks Jens. Do you know of any samples that employ good > behavior? > > Right now, I'm playing with SMJobBless. > > Finally, does anyone know if the Mac App Store would accept an app with > elevated permissions (admin permissions to enter a password)? (or am I > confusing things?) Apple's MAS review guidelines state that apps that attempt to elevate permissions to root (ergo, apps that use the Authentication API) will be rejected. So it's a safe bet to assume that it won't be accepted. > > On Feb 8, 2014, at 7:26 PM, Jens Alfke <j...@mooseyard.com <javascript:;>> > wrote: > > > On Feb 8, 2014, at 2:51 PM, David Delmonte <ddelmo...@mac.com<javascript:;>> > wrote: > > > Yep, I'm implementing "EvenBetterAuthorizationSample" code now. Does > make me sad to have to do this. I help older people use technology. They > are always forgetting their passwords. Just trying to help.. > > The best way to do this would be to write a friendlier app similar to > Keychain Access. I use that app all the time to look up passwords, but it > takes a number of steps to do so and it's not terribly intuitive. > > Browsers are pretty good about adding passwords to the Keychain. At least > Safari and Chrome are; I think Firefox might have its own password store > (boo). They're not always as good about filling in passwords for you again > afterwards, although Safari 7 has gotten better. So it's sometimes > necessary to look them up from the Keychain. > > Writing an app that will store passwords in some other way is a bad idea. > It's pretty much guaranteed to be less secure than the Keychain, which has > some kernel-level support for helping keep its storage secure. The Keychain > also has other advantages like syncing to iCloud and to iOS devices, in a > fairly secure way. > > (Sorry if I sound heavy-handed; nothing personal. I've been coding with a > security-conscious mindset for quite a while now, and it sticks with you. > Security is becoming increasingly important, and all developers whose code > ever touches things like passwords should be following good practices.) > > --Jens > > _______________________________________________ > > Cocoa-dev mailing list (Cocoa-dev@lists.apple.com <javascript:;>) > > Please do not post admin requests or moderator comments to the list. > Contact the moderators at cocoa-dev-admins(at)lists.apple.com > > Help/Unsubscribe/Update your Subscription: > https://lists.apple.com/mailman/options/cocoa-dev/sevenbitstech%40gmail.com > > This email sent to sevenbitst...@gmail.com <javascript:;> _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
