This repository has been archived by the owner on Jun 3, 2021. It is now read-only.
Security
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|
parent directory.. | ||||
Security Samples
----------------
Overview: These are simple examples of plugins for the Authorization
API.
Note: The preferred way to modify the /etc/authorization file is to use
the Authorization APIs in <Security/AuthorizationDB.h>. This is always
how it should be done in shipping products, as there may have been other
modifications to the /etc/authorization file. A code snippet to do this
is:
#include <CoreFoundation/CoreFoundation.h>
#include <Security/AuthorizationDB.h>
#define LOGIN_RIGHT "system.login.console"
int main(int argc, char *argv[])
{
CFDictionaryRef login_dict;
OSStatus status;
AuthorizationRef authRef;
status = AuthorizationCreate(NULL, NULL, 0, &authRef);
if (status) exit(1);
status = AuthorizationRightGet(LOGIN_RIGHT, &login_dict);
if (status) exit(1);
CFArrayRef arrayRef;
if (!CFDictionaryGetValueIfPresent(login_dict, CFSTR("mechanisms"),
&arrayRef))
exit(1);
CFMutableArrayRef newMechanisms = CFArrayCreateMutableCopy(NULL, 0,
arrayRef);
if (!newMechanisms)
exit(1);
CFIndex index = CFArrayGetFirstIndexOfValue(newMechanisms,
CFRangeMake(0, CFArrayGetCount(newMechanisms)), CFSTR("authinternal"));
if (index == -1)
exit(1);
CFArraySetValueAtIndex(newMechanisms, index, CFSTR("newmech"));
CFMutableDictionaryRef new_login_dict
= CFDictionaryCreateMutableCopy(NULL, 0, login_dict);
CFDictionarySetValue(new_login_dict, CFSTR("mechanisms"), newMechanisms);
status = AuthorizationRightSet(authRef, LOGIN_RIGHT, new_login_dict,
NULL, NULL, NULL);
if (status) exit(1);
}