stackoom
  简体   繁体   中英

How do I secure a per user GUI launchd agent against a non admin user disabling it?

 原文  2009-07-09 00:57:26       cocoa/ security/ launchd/ launchdagent

Question

I have a pair of launchd daemons, one of which is a true daemon (runs as root) and one of which is a GUI agent that runs as a per GUI session basis (session type Aqua).

I need to prevent non admin level users from disabling the user level agent using launchctl, or at the very least figure out how to reload the agent from the root level daemon.

The best article I've found so far is this one , but it doesn't really offer any clear solutions.

The easiest way would seem to be to fetch the current console user periodically in the root daemon and then run launchctl load ... as that user, but I'm not entirely if if that's possible/how I would go about this (if I just run load from the daemon without posing as the user, it will be loaded under the root user, which does no good).

Any ideas?

1 answers

solution1
 0  2009-12-06 22:29:08

您可以在SIGTERM处理程序中检查授权,请参阅http://developer.apple.com/mac/library/technotes/tn2002/tn2095.html以获得示例自定义授权检查

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How do I run code when a user agent process terminates? How to run launchd agent/daemon from a NSApplication? iPhone User-Agent Secure password storage for a launchd daemon How to set a custom user-agent for an osx webview using swift How do I make a Cocoa NSTextView grow as the user types into it? With Cocoa how do i check that given file is owned by current user? How do I get the icon of the user's Mac? How do I determine if a user has a password set on Mac? How do I create a user interface from an entity in Xcode 4?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM