[prev in list] [next in list] [prev in thread] [next in thread]
List: pythonmac-sig
Subject: [Pythonmac-SIG] How to run an app bundle as root?
From: "Arve Knudsen" <arve.knudsen () gmail ! com>
Date: 2006-11-03 16:54:29
Message-ID: a0d6258d0611030854p3db260c8ma06aa2716bb36a3f () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Yes, that would be my ideal approach. I simply don't have the time to
implement this at the moment however (I need a running prototype). Besides,
the OS X Installer operates this way already.
Thanks,
Arve Knudsen
On 11/3/06, Bob Ippolito <bob@redivi.com> wrote:
>
> On 11/3/06, Arve Knudsen <arve.knudsen@gmail.com> wrote:
> > Hello
> >
> > I'm writing a custom installation tool for OS X, which needs to run with
> > root privileges. The installation tool is packaged into an app bundle by
> way
> > of py2app. What I basically need to know is the best way of attaining
> root
> > privileges in the tool, must this be done with
> > AuthorizationExecuteWithPrivileges? I first tried this
> > approach, writing a wrapper script which executes the main script in a
> > privileged Python process. This doesn't quite work however, the
> resulting
> > window behaves completely different from what one would expect. That is,
> it
> > can't get focus and I can't command-tab to it.
> >
> > I thought of another approach, which is to first run a privileged
> program
> > which setuid's the bundle executable, and then re-execute the bundle.
> Would
> > this be a good approach, and how can I execute the bundle
> programmatically?
> >
>
> Sounds like you're taking the wrong strategy here. The idea is to use
> the privileged helper process to do *only* privileged operations.
> Don't use it for UI stuff. That's just dangerous.
>
> -bob
>
[Attachment #5 (text/html)]
<span class="gmail_quote"><br></span>Yes, that would be my ideal approach. I simply \
don't have the time to implement this at the moment however (I need a running \
prototype). Besides, the OS X Installer operates this way already. \
<br><br>Thanks,<br><span class="sg">Arve Knudsen </span><div><span class="e" \
id="q_10eaebda50c83600_2"><br><br><div><span class="gmail_quote">On 11/3/06, <b \
class="gmail_sendername">Bob Ippolito</b> <<a href="mailto:bob@redivi.com" \
target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> \
bob@redivi.com</a>> wrote:</span><blockquote class="gmail_quote" \
style="margin-top: 0; margin-right: 0; margin-bottom: 0; margin-left: 0; margin-left: \
0.80ex; border-left-color: #cccccc; border-left-width: 1px; border-left-style: solid; \
padding-left: 1ex"> On 11/3/06, Arve Knudsen <<a \
href="mailto:arve.knudsen@gmail.com" target="_blank" onclick="return \
top.js.OpenExtLink(window,event,this)">arve.knudsen@gmail.com</a>> wrote:<br>> \
Hello<br>><br>> I'm writing a custom installation tool for OS X, which needs to \
run with <br>> root privileges. The installation tool is packaged into an app \
bundle by way <br>> of py2app. What I basically need to know is the best way of \
attaining root<br>> privileges in the tool, must this be done with <br>> \
AuthorizationExecuteWithPrivileges? I first tried this<br>> approach, writing a \
wrapper script which executes the main script in a <br>> privileged Python \
process. This doesn't quite work however, the resulting <br>> window behaves \
completely different from what one would expect. That is, it<br>> can't get focus \
and I can't command-tab to it. <br>><br>> I thought of another approach, which \
is to first run a privileged program <br>> which setuid's the bundle executable, \
and then re-execute the bundle. Would<br>> this be a good approach, and how can I \
execute the bundle programmatically? <br>><br><br>Sounds like you're taking the \
wrong strategy here. The idea is to use <br>the privileged helper process to do \
*only* privileged operations.<br>Don't use it for UI stuff. That's just \
dangerous.<br><br>-bob<br></blockquote></div><br></span></div>
_______________________________________________
Pythonmac-SIG maillist - Pythonmac-SIG@python.org
http://mail.python.org/mailman/listinfo/pythonmac-sig
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic