How to operate another user's default keychain without the login password

1. It is a macOS app with root permission.

2. I want to write and read a generic password in another user's default keychain invisibly.


But it requires entering the login password or the keychain's password for permission.

What should I do to operate another user's default keychain without permission?


I used the following methods:


SecKeychainOpen

SecKeychainItemCreateFromContent

SecKeychainFindGenericPassword

SecKeychainItemDelete


By the way, I just want to operate on the default keychain.

Accepted Reply

What should I do to operate another user's default keychain without permission?

This is not possible. The keychain is encrypted with the user’s password, so you can’t read or write items in it without that password.

You can see fallout from this in the Mac UI. If you, as admin user A, use System Preferences > Users & Groups to reset the password of user B, there’s a note in the sheet that says:

Resetting the account password doesn’t reset the password for the user’s “login” keychain.

because we can’t do that without the user B’s keychain password.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Replies

I get it.

Thank you very much.