Le 30 sept. 2011 à 18:14, Eric Gorr a écrit : > > On Sep 30, 2011, at 10:34 AM, Jean-Daniel Dupas wrote: > >> >> Le 30 sept. 2011 à 16:01, Eric Gorr a écrit : >> >>> I had a couple of followup questions concerning the approach used by >>> SMJobBless in developing a secure helper tool. >>> >>> In the How It Works section in the ReadMe, it states: >>> >>> 4. Requiring the user to authorize the privileged helper tool only once the >>> first time it's used >>> >>> This is what I believe led to my confusion on why the app continues to ask >>> for the password every time I launch it. >>> >>> However, this statement actually refers to the need to just ask for the >>> password once at application launch and have the authorization remain valid >>> while the application is running. Is this correct? >>> >>> >>> I am also wondering how it might be possible to only ask for an admin >>> password once as an absolute regardless of the number of time the >>> application was launched. Is this possible? If so, how? >>> >> >> According the the SMJobBless (the function not the sample code) reference, >> it installs a launchd plist . So you need to auth only once to install the >> plist, not one time per application launch. > > I'm sorry, I don't see that in the documentation. An AuthorizationRef needs > to be passed to SMJobBless with the kSMRightBlessPrivilegedHelper right. To > get this right, one calls AuthorizationCreate and it is AuthorizationCreate > that requests the password with each launch of the application.
As I understand it, you have to bless the job only once, not at each launch, so you shouldn't have to request the authorization each time. -- Jean-Daniel _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
