Authorization is a wrapper for Apple's Authorization API. Basically,
it allows you to spawn an arbitrary process as root after successfully
authenticating an administrator. This is useful for installers,
twiddling kernel settings (via sysctl or the like), etc.
You can fetch the source from:
http://undefined.org/python/Authorization-0.1.tar.gz (You'll need
Pyrex 0.9 to build)
Or you can install it from my Package Manager repository:
http://undefined.org/python/pimp/ (for instructions and HTML package
listing)
All of Apple's examples for using the Authorization API are pretty
convoluted.. I did get Python versions of them to work, but this is the
usage pattern that I felt maintained the most security and makes the
most sense for Python (this is also the test/test.py file in the source
distribution). I haven't tested on Panther yet, but I'm relatively
sure it should still work.
-bob
#!/usr/bin/env python
import os, sys, struct, tempfile
from Authorization import Authorization, kAuthorizationFlagDestroyRights
AUTHORIZEDTOOL = "#!%s\n%s" % (sys.executable,
r"""
import os
print os.getuid(), os.geteuid()
os.setuid(0)
print "I'm root!"
""")
def main():
auth =
Authorization(destroyflags=(kAuthorizationFlagDestroyRights,))
fd, name = tempfile.mkstemp('.py')
os.write(fd, AUTHORIZEDTOOL)
os.close(fd)
os.chmod(name, 0700)
try:
pipe = auth.executeWithPrivileges(name)
sys.stdout.write(pipe.read())
pipe.close()
finally:
os.unlink(name)
if __name__=='__main__':
main()
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4