Introduction to Authorization Services Programming Guide
Note: This document was previously titled Performing Privileged Operations With Authorization Services.
Contents:
Organization of This Document
See Also
Authorization Services defines a programming interface that facilitates fine-grain control of privileged operations, such as accessing restricted areas of the operating system and self-restricted parts of your Mac OS X application. This document describes how to use Authorization Services to control these privileged operations.
Performing Privileged Operations With Authorization Services explains the concepts behind authorization and provides examples of how to use Authorization Services.
Types of products that benefit from using Authorization Services include
applications that call system-restricted tools
software that restricts access to its own tools
software installers that install privileged tools or require access to restricted areas of the operating system
For example, you can use Authorization Services to restart background processes or to gain access to restricted directories, such as the /Applications directory. Using Authorization Services properly in these situations greatly minimizes the possibility of your software inadvertently damaging restricted areas of the operating system, or allowing an unauthorized user access to these areas.
Your application can benefit from Authorization Services if it includes tools or performs operations to which you want only administrative users to have access.
Authorization Services uses the authentication mechanism in Mac OS X. If future versions of Mac OS X support additional authentication mechanisms, adopting Authorization Services now will enable your application to take advantage of these mechanisms with no change to your code.
Organization of This Document
“Authorization Concepts” introduces you to authorization in Mac OS X and describes the difference between authorization and authentication. This chapter explores scenarios that use Authorization Services. Read this chapter to better understand whether your software could benefit from using Authorization Services.
“Authorization Services Tasks” explains in detail how to use Authorization Services in self-restricting applications, system-restricting applications, and privileged installers.
“Glossary” defines new terms introduced in this book.
See Also
A companion volume to Performing Privileged Operations With Authorization Services is Authorization Services Reference, which provides a detailed explanation of every function, data type, and constant defined by Authorization Services for use by your application.
© 2002, 2009 Apple Inc. All Rights Reserved. (Last updated: 2009-01-06)