[futurebasic] popen and sandboxing

Message: < previous - next > : Reply : Subscribe : Cleanse
Home   : August 2012 : Group Archive : Group : All Groups

From: Ken Shmidheiser <kshmidheiser@...>
Date: Tue, 28 Aug 2012 22:47:51 -0400
Brian wrote:

> First capability is to identify whether a specific process is running.

This does it in pure Cocoa:

'--------------------- Begin FB Example -------------------

compile as "Objective-C"
include "ConsoleWindow"

BeginCDeclaration
CFStringRef runningProcesses();
EndC

BeginCFunction
CFStringRef runningProcesses() {
NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init];
NSTask *task = [[NSTask alloc] init];
[task setLaunchPath:@"/bin/sh"];
[task setArguments:[NSArray arrayWithObjects:@"-c",@"ps -Ac",nil]];
NSPipe *pipe = [NSPipe pipe];
[task setStandardOutput:pipe];
[task launch];
NSData *data = [[pipe fileHandleForReading] readDataToEndOfFile];
[task waitUntilExit];
[task release];
NSString *result = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
[result retain];
[pool drain];
return (CFStringRef)result;
}
EndC
toolbox fn runningProcesses = CFStringRef

dim as CFStringRef processes

processes = fn runningProcesses
fn HIViewSetText( sConsoleHITextView, processes )
CFRelease( processes )

'--------------------- End FB Example -------------------

> Second capability is be able to control( i.e. on a date/time ) the shutdown/restart or sleep...but the command requires superuser privileges.

NSTask doesn't allow escalated permissions. (I've been  doing a lot of work in Cocoa with NSTask, but it hits the limits here.)

Authorization Services used to allow escalated permissions, but now it's deprecated-- and dead in Mountain Lion.

AppleScript may allow escalated permissions to work in some limited cases.

For Sandboxed apps, the recommend way is to use ServiceManagement.framework's SMJobBless function.

Basically you create a helper app that conveys messages between your app and the system.

The theory is discussed here:

http://stackoverflow.com/questions/6841937/authorizationexecutewithprivileges-is-deprecated

Service Management reference:

http://developer.apple.com/library/mac/documentation/ServiceManagement/Reference/ServiceManagement_header_reference/ServiceManagement_header_reference.pdf

Sample code here:

http://developer.apple.com/library/mac/#samplecode/SMJobBless/Introduction/Intro.html

This is not for the faint of heart, and exhibits all the folly of Apple's Sandbox madness. It's sad the company has abandoned the concept of a friendly, creative collaborative work environment in favor of swipe gestures.

Ken