That's my understanding as well. So what to do?

On Feb 8, 2014, at 10:21 PM, SevenBits <sevenbitst...@gmail.com> wrote:

On Saturday, February 8, 2014, David Delmonte <ddelmo...@mac.com> wrote:

> Good advice. Thanks Jens. Do you know of any samples that employ good
> behavior?
> 
> Right now, I'm playing with SMJobBless.
> 
> Finally, does anyone know if the Mac App Store would accept an app with
> elevated permissions (admin permissions to enter a password)? (or am I
> confusing things?)


Apple's MAS review guidelines state that apps that attempt to elevate
permissions to root (ergo, apps that use the Authentication API) will be
rejected. So it's a safe bet to assume that it won't be accepted.


> 
> On Feb 8, 2014, at 7:26 PM, Jens Alfke <j...@mooseyard.com <javascript:;>>
> wrote:
> 
> 
> On Feb 8, 2014, at 2:51 PM, David Delmonte <ddelmo...@mac.com<javascript:;>>
> wrote:
> 
>> Yep, I'm implementing "EvenBetterAuthorizationSample" code now. Does
> make me sad to have to do this. I help older people use technology. They
> are always forgetting their passwords. Just trying to help..
> 
> The best way to do this would be to write a friendlier app similar to
> Keychain Access. I use that app all the time to look up passwords, but it
> takes a number of steps to do so and it's not terribly intuitive.
> 
> Browsers are pretty good about adding passwords to the Keychain. At least
> Safari and Chrome are; I think Firefox might have its own password store
> (boo). They're not always as good about filling in passwords for you again
> afterwards, although Safari 7 has gotten better. So it's sometimes
> necessary to look them up from the Keychain.
> 
> Writing an app that will store passwords in some other way is a bad idea.
> It's pretty much guaranteed to be less secure than the Keychain, which has
> some kernel-level support for helping keep its storage secure. The Keychain
> also has other advantages like syncing to iCloud and to iOS devices, in a
> fairly secure way.
> 
> (Sorry if I sound heavy-handed; nothing personal. I've been coding with a
> security-conscious mindset for quite a while now, and it sticks with you.
> Security is becoming increasingly important, and all developers whose code
> ever touches things like passwords should be following good practices.)
> 
> --Jens
> 
> _______________________________________________
> 
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com <javascript:;>)
> 
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
> 
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/sevenbitstech%40gmail.com
> 
> This email sent to sevenbitst...@gmail.com <javascript:;>
_______________________________________________

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/ddelmonte%40mac.com

This email sent to ddelmo...@mac.com


_______________________________________________

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Reply via email to