Thursday, November 29, 2007


Finally, Apple posted BetterAuthorizationSample, a sample project that demonstrates how to securely use Mac OS X authorization API.

Apple's older sample code (AuthSample and MoreAuthSample) used a setuid root privileged helper tool. BAS uses launchd because it's more secure. In the BAS design, an attacker can't directly control the environment which the helper tool inherits, and that prevents a variety of potential attacks.

This sample code supersedes the four years old Project Builder MoreIsBetter/MoreSecurity sample code that warned: No matter what you do, the current AuthorizationExecuteWithPrivileges model allows for security violations [3093666]. It comes as a Xcode project that compiles without tweaking and with three documentation files that look quite complete: Design and Implementation Rationale, Performing Privileged Operations With BetterAuthorizationSampleLib and Read Me About BetterAuthorizationSample.


Anonymous said...


Anonymous said...