I was reviewing 3rd party application which puts a setuid executable in /Library/PrivilegedHelperTools
I'd assumed that the entire purpose of this folder was to avoid use of setuid, but the only documentation I can find on this folder is in comments in example code (SMJobBless & EvenBetterAuthorizationSample) and little official documentation.
Is there more formal documentation of what Apple were attempting to achieve with this folder and these changes (Launchd?) ?
The secure programming guide explains that setuid is deprecated for these purposes, but then explains how to use it, at best it can be said to be a little muddled. Documentation on daemon and agents don't explicitly mention this folder.
Although in fairness, I can see no reason at all why the software in question needs elevated privileges at all, but if I'm to query it, it would be nice to have clear, well written documentation from Apple to refer to.
/Library/PrivilegedHelperTools actually pre-dates
SMJobBless. It was originally defined by the BetterAuthorizationSample sample code, which you can find in the Retired Documents Library. As such, it’s fine to put non-SMJobBless tools there as long as you avoid naming conflicts.
If you download the BAS source code you’ll find a bunch of docs that explain the whole BAS project.
Having said that, setuid root is clearly a bad idea (especially given that
SMJobBless was added in 10.6!), as is unwarranted privilege escalation, so you’re well within your rights to query that with the software’s author.
Share and Enjoy
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"