Hi everyone, first mail here. I am making a small app which needs to delete some files that require privileged access (log files that the user doesn't have permissions to modify).
Currently I am deleting files using NSTask with rm or srm. I looked at the Security Services documentation and it seems to me that the "factored application" method is the most secure way to proceed with authentication to allow deletion of protected files. After further digging I found the BetterAuthSample code that (from what I've seen) is the recommended way to implement the factored application approach. My question is as follows: Is the BAS approach secure in this particular context? Let me explain my understanding of how BAS works and why I think it might be insecure in this case. Please correct me if I'm wrong. My understanding is that the Helper Tool implements a protocol allowing it to respond to application commands. In my case I would have a command which takes a file path and secure deletion mode as input. This helper tool is installed in a privileged directory which grants the tool the right to perform privileged operations. *after the initial installation authentication, the tool is installed in the privileged folder and it always possesses the right to delete privileged files without further authentication*. So what that would mean is that any application could potentially pass a file and secure deletion mode and have it deleted. I'm sure there's something wrong in that reasoning because it doesn't seem logical that any app could use the tool once it's installed, but by reading the documentation I'm not sure exactly if and how the helper tool makes sure it's only used by my application. Thanks in advance for any clarification. Regards, Michaël Fortin www.irradiated.net _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
