Le 25 janv. 2010 à 11:56, Uli Kusterer a écrit : > At WWDC I was told that Apple don't test AppKit against root (or at least, > not much). Since the idea is to limit the time applications run as root for > security reasons, there is no high priority find and fix such issues in > AppKit. This means Apple can focus more of its developers on hardening the > command-line part against root exploits. > > There have been issues like this in the past. For example, for a while, > loginwindow used to load QuickTime components, which would then get loaded as > root. A harmless application installing a QuickTime component could then > cause the OS to crash at login time, as root. > > So, whatever your or my or Gwynne's personal opinion, Mac OS X has been > designed under the assumption that no GUI app will be run as root (only a few > tasks like loginwindow). If you do so anyway, you're tearing a hole in > Apple's security policy and endangering your users' Macs.
Okay, I didn't meant to be rude, arrogant or whatever. I just tried to understand. But I'm perfectly aware that when you develop for a given platform, you implicitly agree to abide by its philosophy. I've not been confronted to this problem up to now, so I came up with the solution I adopted before in a pure Unix/X11 environment. Hopefully, if ever I have to face it, I'll remember what you told me. Tchüß! Vincent_______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
