On Mar 10, 2009, at 10:39 AM, Sidney San Martín wrote:
I can make a helper tool that I call with AuthorizationExecuteWithPrivileges. I already have this working, but it's vulnerable to attack (if the helper binary is replaced)
Yes, but the chances of that happening are very, very low unless the same user who installed the application also installed some malware that intentionally targeted your app. If that's a concern to you, then you could check a checksum or some other signature before invoking AEWP (). But keep in mind that (1) malware of any kind on Mac OS X is very rare to nonexistent, and (2) you cannot stop a very determined attacker; you can make it more difficult to discourage the less determined, but not impossible.
and apparently has poorly-documented caveats (needing to reap the process when it's done executing, for one, which is something else I've never done).
Well, you don't _need_ to reap the zombies if you don't want to. It'll just look strange in Activity Monitor, and will waste a little RAM until the parent task exits.
Nick Zitzmann <http://www.chronosnet.com/> _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
