PDA

View Full Version : Backing-up without authentication


Timmy
10-16-2006, 07:01 AM
Where/how does SD! store our admin password when we have the 'padlock' unlocked?

I has assumed that it was kept in the Keychain, but I was surprised to see that SD! stays unlocked no matter which account we are logged in to.

dnanian
10-16-2006, 10:36 AM
We authenticate our copying tool the same way the system does (with "suid").

Timmy
10-16-2006, 10:50 AM
I have no idea what that means Dave.

I guess I will re-lock the padlock and hope that my admin password wasn't ever written to disk...

dnanian
10-16-2006, 10:54 AM
Your password was not written to disk, nor was it ever recorded or seen by SuperDuper!, actually.

Instead, a single application on the drive was given System permissions. Your password is only used to *authorize* this action: it's just like unlocking a preference pane (like Sharing).

Timmy
10-16-2006, 11:17 AM
I wasn't really worried that SD! was stealing my admin password, just that by leaving the padlock open that SD! might be tossing my password around in clear text.

After some googling, I think I understand the suid concept...

Thanks.

dnanian
10-16-2006, 11:21 AM
No, we definitely aren't. As I said, we never even really know what it is, since it's all handled by the authentication framework in OSX itself.