diff options
| author | mark@chromium.org <mark@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-04-30 18:16:18 +0000 |
|---|---|---|
| committer | mark@chromium.org <mark@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-04-30 18:16:18 +0000 |
| commit | 526657d45abd72067ff774c552cc4df5825fc742 (patch) | |
| tree | cb5da516b3b90c0057eaff34b51697bd1ff9ea4a /chrome/browser/cocoa/authorization_util.h | |
| parent | ac68bb0756f5bcb47cd79e832ef9ec6e5cb8bda0 (diff) | |
| download | chromium_src-526657d45abd72067ff774c552cc4df5825fc742.zip chromium_src-526657d45abd72067ff774c552cc4df5825fc742.tar.gz chromium_src-526657d45abd72067ff774c552cc4df5825fc742.tar.bz2 | |
Allow authenticated installs from the disk image.
When launching from a read-only disk image, if no installed copy exists in
/Applications, and the user chooses to install from the disk image:
If it appears that there isn't permission to write to /Applications, prompt
the user to authenticate as an administrator. If authentication is
successful, copy the application as root, set its permissions, and promote
Keystone to use a system ticket.
BUG=40265
TEST=Remove the application from /Applications and test, as both an admin
user and a normal user, installation directly from the disk image. When
installation occurs after authentication, Chrome should be on a system
ticket.
Also, make sure that normal in-app Keystone promotion continues to work
as expected.
Review URL: http://codereview.chromium.org/1792013
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@46091 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/cocoa/authorization_util.h')
| -rw-r--r-- | chrome/browser/cocoa/authorization_util.h | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/chrome/browser/cocoa/authorization_util.h b/chrome/browser/cocoa/authorization_util.h index 2d7c09d..9370949 100644 --- a/chrome/browser/cocoa/authorization_util.h +++ b/chrome/browser/cocoa/authorization_util.h @@ -23,12 +23,20 @@ // http://developer.apple.com/mac/library/samplecode/BetterAuthorizationSample/listing1.html // (Look for "What's This About Zombies?") +#include <CoreFoundation/CoreFoundation.h> #include <Security/Authorization.h> #include <stdio.h> #include <sys/types.h> namespace authorization_util { +// Obtains an AuthorizationRef that can be used to run commands as root. If +// necessary, prompts the user for authentication. If the user is prompted, +// |prompt| will be used as the prompt string and an icon appropriate for the +// application will be displayed in a prompt dialog. Note that the system +// appends its own text to the prompt string. Returns NULL on failure. +AuthorizationRef AuthorizationCreateToRunAsRoot(CFStringRef prompt); + // Calls straight through to AuthorizationExecuteWithPrivileges. If that // call succeeds, |pid| will be set to the pid of the executed tool. If the // pid can't be determined, |pid| will be set to -1. |pid| must not be NULL. |