'[Pythonmac-SIG] How to run an app bundle as root?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List: pythonmac-sig
Subject: [Pythonmac-SIG] How to run an app bundle as root?
From: "Arve Knudsen" <arve.knudsen () gmail ! com>
Date: 2006-11-03 16:54:29
Message-ID: a0d6258d0611030854p3db260c8ma06aa2716bb36a3f () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]

Yes, that would be my ideal approach. I simply don't have the time to
implement this at the moment however (I need a running prototype). Besides,
the OS X Installer operates this way already.

Thanks,
Arve Knudsen

On 11/3/06, Bob Ippolito <bob@redivi.com> wrote:
>
> On 11/3/06, Arve Knudsen <arve.knudsen@gmail.com> wrote:
> > Hello
> >
> > I'm writing a custom installation tool for OS X, which needs to run with
> > root privileges. The installation tool is packaged into an app bundle by
> way
> > of py2app. What I basically need to know is the best way of attaining
> root
> > privileges in the tool, must this be done with
> > AuthorizationExecuteWithPrivileges? I first tried this
> > approach, writing a wrapper script which executes the main script in a
> > privileged Python process. This doesn't quite work however, the
> resulting
> > window behaves completely different from what one would expect. That is,
> it
> > can't get focus and I can't command-tab to it.
> >
> > I thought of another approach, which is to first run a privileged
> program
> > which setuid's the bundle executable, and then re-execute the bundle.
> Would
> > this be a good approach, and how can I execute the bundle
> programmatically?
> >
>
> Sounds like you're taking the wrong strategy here. The idea is to use
> the privileged helper process to do *only* privileged operations.
> Don't use it for UI stuff. That's just dangerous.
>
> -bob
>

[Attachment #5 (text/html)]

Yes, that would be my ideal approach. I simply \
don't have the time to implement this at the moment however (I need a running \
prototype). Besides, the OS X Installer operates this way already. \
 Thanks, Arve Knudsen <div> <div>On 11/3/06, Bob Ippolito &lt;<a href="mailto:bob@redivi.com" \
target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> \
bob@redivi.com</a>&gt; wrote:<blockquote class="gmail_quote" \
style="margin-top: 0; margin-right: 0; margin-bottom: 0; margin-left: 0; margin-left: \
0.80ex; border-left-color: #cccccc; border-left-width: 1px; border-left-style: solid; \
padding-left: 1ex"> On 11/3/06, Arve Knudsen &lt;<a \
href="mailto:arve.knudsen@gmail.com" target="_blank" onclick="return \
top.js.OpenExtLink(window,event,this)">arve.knudsen@gmail.com</a>&gt; wrote: &gt; \
Hello &gt; &gt; I'm writing a custom installation tool for OS X, which needs to \
run with &gt; root privileges. The installation tool is packaged into an app \
bundle by way &gt; of py2app. What I basically need to know is the best way of \
attaining root &gt; privileges in the tool, must this be done with &gt; \
AuthorizationExecuteWithPrivileges? I first tried this &gt; approach, writing a \
wrapper script which executes the main script in a &gt; privileged Python \
process. This doesn't quite work however, the resulting &gt; window behaves \
completely different from what one would expect. That is, it &gt; can't get focus \
and I can't command-tab to it. &gt; &gt; I thought of another approach, which \
is to first run a privileged program &gt; which setuid's the bundle executable, \
and then re-execute the bundle. Would &gt; this be a good approach, and how can I \
execute the bundle programmatically? &gt; Sounds like you're taking the \
wrong strategy here. The idea is to use the privileged helper process to do \
*only* privileged operations. Don't use it for UI stuff. That's just \
dangerous. -bob </blockquote></div> </div>

_______________________________________________
Pythonmac-SIG maillist  -  Pythonmac-SIG@python.org
http://mail.python.org/mailman/listinfo/pythonmac-sig

[prev in list] [next in list] [prev in thread] [next in thread] 