On Thu, May 22, 2008 at 2:16 PM, Jerry Krinock <[EMAIL PROTECTED]> wrote:
> > On 2008 May, 22, at 9:46, Sherm Pendley wrote: > > Apple provides an Objective-C interface. It lacks an >> AuthorizationExecuteWithPrivileges() method, but I think that Apple >> omitted >> that deliberately. >> > > Yes, I believe the idea is that you need to make a tool as in > BetterAuthorizationSample to do that. I don't think that kind of factoring - although certainly the correct thing to do - is the reason Apple chose not to include an AEWP method in the Objective-C version of the API. The lack of such a method doesn't have any significant effect, positive or negative, on one's ability to factor one's app. One could just as easily call the C function from a non-factored app, after all, or call the method (if there were one) from a helper tool. I think the intent is to make it more difficult to subvert a helper tool that's written in Objective-C. The runtime allows many ways to intercept and modify method calls, which could easily result in an AEWP method call in the helper tool being used for nefarious purposes. (For instance, you could modify the path string the tool sends as an argument to chmod, resulting in the helper tool "repairing" the suid bit on something other than itself.) This kind of attack is possible for a C function too, of course. The issue here is that the Objective-C runtime makes it much, much simpler to do this kind of code injection. Both PyObjC and F-Script, for instance, can use this capability to inject a script interpreter into an app that wasn't born with one, even while the app is running. Sometimes I think I should have specialized in security - I'm all the time thinking of worst-case scenarios like this one. :-) sherm-- -- Cocoa programming in Perl: http://camelbones.sourceforge.net _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [EMAIL PROTECTED]
