On Sat, Jan 24, 2009 at 9:29 PM, Michael Ash <michael....@gmail.com> wrote: > I'm afraid I don't understand this advice. Could you explain what sort > of vulnerability would exist in a custom install tool that would not > exist when using Installer.app to install a custom package?
It's vulnerable to a timing flaw. In order to securely install a helper tool, the installation process must run as root. In order to securely install an installer that runs as root, the installer installer must run as root. In order to... Installer.app solves this problem because it's preconfigured to be secure. You can invoke it to do the privileged installation for you without opening yourself up to the possibility that in between copying the file and its later invocation that its contents have been changed. --Kyle Sluder _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
