DesktopManager is a utility for Macintoshes which allows you to have multiple workspaces. This means that you do not have to have all your applications on the desktop at once. Instead you can have a desktop for internet applications, a desktop for word processing, etc. Some of your windows--say your mail program--can be on all desktops so you can always access it. Hotkeys, and the desktop pagers, allow you to move between desktops.
DesktopManager was originally written (by Rich Wareham) for Mac OS X.3,
before the Intel Mac came to be, and relies upon some code called
mach_inject which was very PPC-specific. Fortunately, Bertran Guihéneuf
came to the rescue and wrote a Universal version of mach_inject.
Bertran Guihéneuf then incorporated his update into DesktopManager
and created a Universal version of DesktopManager. So now those of us
with Intel Macs can use DesktopManager.
There is just one problem.
The purpose of mach_inject is to inject code into a running
process. For DesktopManager, the idea is to alter the behaviour of the dock.
But while this is good for DesktopManager, it is disconcerting to think
that any program could conceivably alter the behaviour of a running program.
Isn't this a security risk? At least for Intel Macs, it apparently is.
With Mac OS X.4.4, Apple disabled the ability for programs on Intel
Macs to "mach inject". However, the ability is restored for users in
the procmod group. By default, only root--who
is allowed to do anything anyway--is a member of the procmod
group. This obviously makes it difficult then for DesktopManager to work.
This problem was also solved by Bertran Guihéneuf, who wrote
a framework called InjectionControl. The InjectionControl API
consists of two functions which, when combined,
test whether the current user is a member
of the procmod group, and if not, then with the confirmation of
(and an administrator password from) the user, add the current user
to the procmod group. Then DesktopManager can run.
It seems to me--but keep in mind that Bertran Guihéneuf headed
the team which developed iCal, and I only know enough to be dangerous--that
allowing every program a user runs to allow mach_inject
just so that DesktopManager can run is not only overkill but
negates the presumably important Mac OS X.4.4 security update which
introduced the procmod group in the first place. A simpler
and less drastic solution is to allow DesktopManager (and other trusted
programs) and only DesktopManager (and other trusted programs) to run as
procmod. This can be done by using the setgid
bit of the applications' file permissions after setting the group
ownership of the application.
Unfortunately, this does not immediately work with the
Universal version of DesktopManager, for the simple reason that
the Universal DesktopManager now includes InjectionControl code which checks
if the user, and not the process, is
in the procmod group. So even though setting the group and
setgid bit of DesktopManager should have worked, DesktopManager didn't know it
and popped up a dialog box. I solved this by:

- adding
  InjectionControlError isInjectionEnabledForCurrentProcess(int* enabled)
  to Bertran Guihéneuf's functions
  InjectionControlError setInjectionEnabledForCurrentUser(int enabled)
  InjectionControlError isInjectionEnabledForCurrentUser(int* enabled)
- changing isInjectionEnabledForCurrentUser to
  isInjectionEnabledForCurrentProcess.
  (isInjectionEnabledForCurrentProcess first checks if the
  process is running under the procmod group, and, if not,
  returns the result of isInjectionEnabledForCurrentUser.)
- using chmod and chgrp to get DesktopManager
  to run in the procmod group. (Details can be found with the
  installation instructions, and
  the installer does this automatically for
  installations onto Intel Macs.)

This could be overkill--in principle, by using setgid, InjectionControl is
unnecessary--but this allows InjectionControl to be used as a fallback.
In particular, InjectionControl is still necessary if the installation
disk is mounted with the nosuid flag.
This page was last modified 2006-08-13 09:11 PDT.
©2006 jeremy.smallinfinity.net. The program and its source code have various additional (open source) copyrights associated with them, as detailed in the source code.