base/mac/authorization_util.mm - Issue 28713002: [Mac] Add option to reauthenticate the OS user before revealing passwords.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: base/mac/authorization_util.mm

Issue 28713002: [Mac] Add option to reauthenticate the OS user before revealing passwords. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Rerebase. Created 7 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: base/mac/authorization_util.mm

diff --git a/base/mac/authorization_util.mm b/base/mac/authorization_util.mm

index c2925896209aad9adc99481b856d0d9a23aca466..6cb8de3f73b8459cfbcb41fb56017d570647b5e8 100644

--- a/base/mac/authorization_util.mm

+++ b/base/mac/authorization_util.mm

@@ -22,7 +22,10 @@

namespace base {

namespace mac {

-AuthorizationRef AuthorizationCreateToRunAsRoot(CFStringRef prompt) {

+AuthorizationRef GetAuthorizationRightsWithPrompt(

+ AuthorizationRights* rights,

+ CFStringRef prompt,

+ AuthorizationFlags extraFlags) {

// Create an empty AuthorizationRef.

ScopedAuthorizationRef authorization;

OSStatus status = AuthorizationCreate(NULL,

@@ -34,12 +37,11 @@ AuthorizationRef AuthorizationCreateToRunAsRoot(CFStringRef prompt) {

return NULL;

}

- // Specify the "system.privilege.admin" right, which allows

- // AuthorizationExecuteWithPrivileges to run commands as root.

- AuthorizationItem right_items[] = {

- {kAuthorizationRightExecute, 0, NULL, 0}

- };

- AuthorizationRights rights = {arraysize(right_items), right_items};

+ AuthorizationFlags flags = kAuthorizationFlagDefaults |

+ kAuthorizationFlagInteractionAllowed |

+ kAuthorizationFlagExtendRights |

+ kAuthorizationFlagPreAuthorize |

+ extraFlags;

// product_logo_32.png is used instead of app.icns because Authorization

// Services can't deal with .icns files.

@@ -63,16 +65,12 @@ AuthorizationRef AuthorizationCreateToRunAsRoot(CFStringRef prompt) {

AuthorizationEnvironment environment = {arraysize(environment_items),

environment_items};

- AuthorizationFlags flags = kAuthorizationFlagDefaults |

- kAuthorizationFlagInteractionAllowed |

- kAuthorizationFlagExtendRights |

- kAuthorizationFlagPreAuthorize;

status = AuthorizationCopyRights(authorization,

- &rights,

+ rights,

&environment,

flags,

NULL);

if (status != errAuthorizationSuccess) {

if (status != errAuthorizationCanceled) {

OSSTATUS_LOG(ERROR, status) << "AuthorizationCopyRights";

@@ -83,6 +81,17 @@ AuthorizationRef AuthorizationCreateToRunAsRoot(CFStringRef prompt) {

return authorization.release();

}

+AuthorizationRef AuthorizationCreateToRunAsRoot(CFStringRef prompt) {

+ // Specify the "system.privilege.admin" right, which allows

+ // AuthorizationExecuteWithPrivileges to run commands as root.

+ AuthorizationItem right_items[] = {

+ {kAuthorizationRightExecute, 0, NULL, 0}

+ };

+ AuthorizationRights rights = {arraysize(right_items), right_items};

+ return GetAuthorizationRightsWithPrompt(&rights, prompt, 0);

OSStatus ExecuteWithPrivilegesAndGetPID(AuthorizationRef authorization,

const char* tool_path,

AuthorizationFlags options,

« no previous file with comments | « base/mac/authorization_util.h ('k') | chrome/app/chromium_strings.grd » ('j') | no next file with comments »