On Wed, Jun 11, 2008 at 8:49 PM, Jason Coco <[EMAIL PROTECTED]> wrote: > The documentation is talking about using AuthorizationExecuteWithPrivleges() > to repair a setuid tool that you may have already created. It is also > suggesting that you use the setuid tool method rather than using > AuthorizationExecuteWithPrivleges(). In this way, the setuid tool can limit > itself to only doing a specific task. It can also ensure that its caller is > authorized to call it and abort in any other circumstance.
Also, if you avoid AuthorizationExecuteWithPrivleges() and do things the recommended way, then administrators can edit /etc/authorization and allow access to your tool w/o prompting the user. People who get lazy and use AuthorizationExecuteWithPrivleges() all the time make that impossible. _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [EMAIL PROTECTED]
