I think I figured out how SD does it:

When you unlock SD!, it calls AEWP() on SDAgent. Then, SDAgent calls setuid(0) to make itself root. With it as root, when it calls SDCopy, or SDDiskTool, it calls it with AEWP, and since it's root, it doesn't need the user's password to do this!

This is just my guess. But it sounds fairly right :)

Cheers,

Joe Turner

On Jan 24, 2009, at 6:47 AM, Michael Ash wrote:

On Fri, Jan 23, 2009 at 10:59 PM, Joe Turner <joetur...@me.com> wrote:
Okay, so, it seems everyone was right :) I went to cocoabuilder to find some
of the responses to this, that I never got.

Anyways, it seems I can just call AEWP() once, and it should stay suid.

So, my last question to everyone is, how do I know if the tool is suid? I mean, I could implement some sort of lock-unlock thing, and then I would be
pretty sure, but is there any way to know for sure?

And, is there a way to take SUID away from it? So, if I want to lock it, it
would work.

"man 2 stat" to check the bit, "man 2 chmod" to set it.

Mike
_______________________________________________

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/cocoa-dev/joeturner%40me.com

This email sent to joetur...@me.com

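The stat(2) / chmod(2) suggestion from the reply above, written out as an added example; it is not code from the thread. The function and enum names are hypothetical, and the example goes slightly beyond the reply by also checking that the owner is root and by clearing the bit through a file descriptor so the file cannot be swapped between the check and the change.

```c
#define _XOPEN_SOURCE 700   /* expose lstat, fchmod, O_NOFOLLOW */
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical names, chosen for this example only. */
enum suid_state { SUID_NONE = 0, SUID_OTHER_OWNER = 1, SUID_ROOT = 2 };

/* Classify stat(2) results. The setuid bit only yields root when the file
   is a regular file, the bit is set, and the owner is uid 0. */
enum suid_state classify(const struct stat *st) {
    if (!S_ISREG(st->st_mode) || !(st->st_mode & S_ISUID)) return SUID_NONE;
    return st->st_uid == 0 ? SUID_ROOT : SUID_OTHER_OWNER;
}

/* "Is the tool suid?" Returns a suid_state, or -1 on error.
   lstat() is used so a symlink placed at the path is not followed. */
int tool_state(const char *path) {
    struct stat st;
    if (lstat(path, &st) != 0) return -1;
    return classify(&st);
}

/* "Lock": clear the setuid bit and keep the other permission bits.
   open + fstat + fchmod all act on the same descriptor. */
int lock_tool(const char *path) {
    struct stat st;
    int rc = -1;
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0) return -1;
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode))
        rc = fchmod(fd, (st.st_mode & 07777) & ~(mode_t)S_ISUID);
    close(fd);
    return rc;
}

int main(int argc, char **argv) {
    if (argc != 2) { fprintf(stderr, "usage: %s <tool path>\n", argv[0]); return 2; }
    int s = tool_state(argv[1]);
    printf("%s: state %d\n", argv[1], s);   /* 2 means setuid root */
    return s < 0;
}
```

Only the file's owner or root can change its mode, so `lock_tool` on a root-owned helper has to run with root privileges.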