-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathinstall-tool.c
66 lines (57 loc) · 1.75 KB
/
install-tool.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
#include <stdio.h>
#include <Security/Authorization.h>
#include <Security/AuthorizationTags.h>
// Based on http://developer.apple.com/documentation/Security/Conceptual/authorization_concepts/03authtasks/authtasks.html#//apple_ref/doc/uid/TP30000995-CH206-TPXREF33
// Note that I tried to implement this in managed code using p/invokes, but I kept
// getting kPOSIXErrorENOENT errors on the call to AuthorizationCreate. Not sure
// why but opensnoop shows very different behavior between the managed and
// unmanaged code.
int main(int argc, char* argv[])
{
OSStatus err;
AuthorizationRef cookie;
err = AuthorizationCreate(
NULL,
kAuthorizationEmptyEnvironment,
kAuthorizationFlagDefaults,
&cookie);
if (err != errAuthorizationSuccess)
{
fprintf(stderr, "AuthorizationCreate failed with error %ld\n", err);
return err;
}
do
{
{
AuthorizationItem items = {kAuthorizationRightExecute, 0, NULL, 0};
AuthorizationRights rights = {1, &items};
AuthorizationFlags flags =
kAuthorizationFlagDefaults |
kAuthorizationFlagInteractionAllowed |
kAuthorizationFlagPreAuthorize |
kAuthorizationFlagExtendRights;
err = AuthorizationCopyRights(cookie, &rights, NULL, flags, NULL);
if (err != errAuthorizationSuccess)
{
fprintf(stderr, "AuthorizationCopyRights failed with error %ld\n", err);
break;
}
}
{
char* args[] = {argv[1], argv[2], NULL};
err = AuthorizationExecuteWithPrivileges(
cookie,
"/bin/cp",
kAuthorizationFlagDefaults,
args,
NULL);
if (err != errAuthorizationSuccess)
{
fprintf(stderr, "AuthorizationExecuteWithPrivileges failed with error %ld\n", err);
break;
}
}
} while (0);
AuthorizationFree(cookie, kAuthorizationFlagDefaults);
return err;
}