Showing Password Prompt Only Once - How to?
https://stackoverflow.com/questions/3979235
-
09-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm building an Cocoa application that modifies a file on the user's operating system which requires admin permission. I have a proof of concept working which uses authopen but it doesn't deliver the UX experience I am hoping to achieve. Every time the file is modified it prompts the user to enter their password. Is there a way to have permissions granted to the application for the duration of its life?
Goal: Application asks user for password once ever, going forth application does not prompt for password.
Next Best: Application asks user for password once at application launch, going forth application does not prompt for password until application restart.
I'm aware of Authorization Services and the possibility of creating a Daemon which deals specifically with modifying privileged files, what I'm curious about is if either of my listed goals are even possible before diving too deep into another system.
Really appreciate any suggestions, critiques or helpful links.
Cheers, Dustin
Solution
Yes, using Authorization Services is the way forward. You get an AuthorizationRef in your application via AuthorizationCopyRights() (which shows the UI if needed), and pass this to your helper (by packaging it up into an external form) which verifies that it actually got the necessary right before performing the privileged task. Authorization Services is able to register rights in the /etc/authorization database, so if you choose a custom right you can choose the default settings for who is allowed to acquire it, what timeout or other conditions exist and so on.
To deploy your privileged helper tool, you should use the Service Management framework, in particular SMJobBless() which verifies that the code signing identities on your client and helper match before deploying the helper as a launchd job. Then your helper can be initiated on demand by the main application.
Feel free to ask if you want clarification on any step in the answer, however I already wrote about both of these aspects of privilege separation in my book Professional Cocoa Application Security so feel free to buy a copy or two ;-).
