Re: Is automatic reauthentication possible?

FROM : Simone Manganelli
DATE : Tue Jan 14 15:43:06 2003

Is using an authtool that is setuid root the "correct" way that you are
talking about, or are you talking about some other way?  It was my
understanding that doing authentication this way would make it so that
it is necessary that the application is actually installed (i.e.: using
a utility like Installer), rather than dragged and dropped like most
applications.  Is this true, and is there any way around this
limitation if this limitation does exist?

-- Simone Manganelli

On Tuesday, Jan 14, 2003, at 08:14 US/Pacific, Finlay Dobbie wrote:

>
> On Tuesday, January 14, 2003, at 12:54  am, Chris Reed wrote:
>

>> Yes, you can. But it is a system-wide config option. Take a look at
>> the /etc/authorization config file. It has some "documentation" as
>> comments at the top of the file.
>>
>> Alternatively, you need a separate process that you launch the first
>> time the user authorizes and stays around until you explicitly quit.
>> Then you can send it messages requesting that it run /bin/kill any
>> time you need. The button to deauthenticate would cause this process
>> to exit.

>
> Or you could fix your code so you do authorization the "correct" way
> and authorize against a non-expiring right. AuthSample shows this, as
> does ThemeChanger (www.clichesw.com).
>
>  -- Finlay
>