Write Permission from application?
 

Hi All,

I m working on MAC 10.4.10 on my Intel MAC.
I have a program which can open to the disk in and read form disk in binary form.

fileDescriptor = open ("/dev/rdisk1", O_RDONLY );
but this function returns true only in case if I am login under root but if i login under some other account with admin permission it wiil not return true.

So if any body knows how I can access disk in admin user account then plz help me.

Thanks.

You need to read up on how to gain 'root' privileges for the small part of your app (preferably a small helper application) that will read the disk.
Start here: http://developer.apple.com/documenta...section_1.html

Hi Hayne,

I m reading the Document(from your Link) but still no idea how to achieve the target that is how to give user permission so that it can read the disk.

If u provide a simple example then that would be very helpful.

Thanks.

AuthorizationExecuteWithPrivileges?
 

Hi All,

I m working on Mac 10.4.7 on my Intel Mac.
I want to read the binary data from disk which I ab able to do in the root login but since I want to do it in any admin ligin so I am using the function
AuthorizationExecuteWithPrivileges.

My problem is that i am able to give the application root privilege but then i have to run my application from some other application by giving the path in the above function. But i want to give my applicayion root privilege from within the application.

So if any body knows how I m able to do that then plz help me.

Thanks
Vishal

I will restate, at the risk of sounding harsh, what I said in your last thread:

It doesn't sound like you're ready to go playing with AuthorizationExecuteWithPrivileges().

I merged the new thread with the older one since it is on the same topic.

Actually I donot know for which file to get permission in order to read the disk using open function.

Developing an application that needs 'root' privileges to do something is a difficult undertaking (to do it correctly and securely). You need to set aside several days and read through all of Apple's documentation on this subject - I pointed to a starting point above. Apple provides a few sample projects that illustrate what needs to be done. You should examine these closely and then it should be clear what you need to do in your case.

Outline of what you need to do:
- create a small command-line (no GUI) utility that does the operation that you need 'root' access for
- use the Apple security API's to invoke this stand-alone utility when needed from your larger application

Apple has just released a new sample project that provides a relatively easy way to set up a helper tool to perform the privileged operation:
http://developer.apple.com/samplecod...ple/index.html

So I just got done looking through that project and its readme, and all I'm left with is:

Holy crap.

There are 3 READMEs - the most interesting is the long one that explains the rationale for why it was implemented the way it is.

Yeah, typo. My fingers decided they didn't like my 's' key.

The design is interesting, and I feel as though I'm still digesting its implications. I'll end up rereading the documentation for the project again, no doubt. What's interesting is that for one-off actions, they still recommend AEWP. (I'm not saying this is a flawed recommendation, simply that I find it interesting.)

I do really like the fact that Apple sat down and created a very thorough--and thoroughly documented--standard authorization module and companion example for developers. This kind of thing doesn't happen in an afternoon.

I was surprised by that statement as well. But their example was about installing and uninstalling, so I think perhaps the "one off" was intended to refer to things that the app does only once in its lifetime - as opposed to things that it does once per launch. I was sufficiently confused by that statement to consider writing to the dts address to ask for clarification on this - I haven't done so yet, but I think I will.