On Wed, Mar 11, 2009 at 3:22 PM, Nick Zitzmann wrote:
> What it's saying is AEWP() will run pretty much anything you tell it to run.
> That is not always a good thing, because the secure tool can be swapped by
> some malware, which would cause AEWP() to run the wrong tool. This is one of
> the few
On Mar 11, 2009, at 12:52 PM, Sidney San Martín wrote:
"You may be tempted to use the function
AuthorizationExecuteWithPrivileges to perform privileged operations
rather than creating and calling your own setuid tool. Although this
might seem like an easy solution, using the
Authorizatio
All right, those are fair points. But I forgot to mention that what
also worries me about that method is this paragraph from the
Authorization Services Programming Guide:
"You may be tempted to use the function
AuthorizationExecuteWithPrivileges to perform privileged operations
rather tha
On Mar 10, 2009, at 10:39 AM, Sidney San Martín wrote:
I can make a helper tool that I call with
AuthorizationExecuteWithPrivileges. I already have this working, but
it's vulnerable to attack (if the helper binary is replaced)
Yes, but the chances of that happening are very, very low unless t
I'm fairly new to Cocoa (new to real desktop programing in general, to
be honest) and am building an app that's going to want occasional
system-level privileges (10.4+). Actually, here's what it needs:
1. To be able to set its preferences system-wide
2. To add itself as a login item for all users
