Anybody out there brave enough to test FinkCommander ?

<<FinkCommander is a graphical user interface for the Fink software packaging system for Mac OS X. It provides an intuitive front-end to the Fink command-line tools for downloading and installing Unix software.

FinkCommander has not been widely tested and may do damage to your system. It also raises some security concerns, which are documented in the README.>>

http://finkcommander.sourceforge.net/


Cheers...

It looks like a good idea. I'll prolly try it after the password thing is taken care of.

hmm, it makes you wonder what other apps have we been tinkering with that don't implement the security framework. i wonder if there is a command to examine an executable and determine "does she or doesn't she?"

Craig,

Good luck, your feedback appreciated.

MervTormel,

Other than looking at the source code, I don't know of any command. (I wish I knew...then we could check all the new app we try everyday).

By the way, I felt inspired so I offered myself to do the spanish localization.

Cheers...

$ strings /Applications/Utilities/NetInfo\ Manager.app/Contents/MacOS/NetInfo\ Manager | grep auth
Deauthenticate
Authenticate...
AuthenticationChanged
You must re-authenticate to make additional changes.
authMenu
deauthenticateUser:
authenticateUser:
isAuthenticated
isAuthenticatedAsAdministrator
deAuthenticateUser:
authenticateAsUserName:password:
deauthenticate
authenticate
You have deauthenticated with unsaved changes. Those changes have been lost.
updateAuthentication:
neverDeauthenticated
authenticationButton
deauthenticated
willAuthenticate
authenticationSuccessfulForDomain:userName:password:
hasAuthenticationForDirectory:
allowNonAdminAuthentication:
isAuthenticatedAsUserName:
isAuthenticatedAsRoot
Authentication failed!
NIAuthenticationPanel
authenticated
authenticateFor:
authenticatedFor:
authHost:andGetPassword:
authenticateWithPassword:
authenticationPanel
Can't authenticate new user and password

$ strings xdowns/finkcommander-0.2.1a/FinkCommander.app/Contents/MacOS/FinkCommander | grep auth

$

$ strings /Applications/Utilities/Installer.app/Contents/MacOS/Installer | grep auth
IsAuthenticated
IFInstallerAuthenticated
isAuthenticated
setIsAuthenticated:

$ strings /Applications/Utilities/Keychain\ Access.app/Contents/MacOS/Keychain\ Access | grep auth

$

$ strings /Applications/Utilities/ProcessViewer.app/Contents/MacOS/ProcessViewer | grep auth

$

MervTormel,

Interesting work, will check more of it.

Cheers...

i'm looking for something in the /developer tree to explode frameworks of an executable. if we could find that, then discover the footprint of the security framework, then we could write a little script to profile apps.

MervTormel,

We can learn somethings from this article by Brian R. Hill, the developer of Brickhouse: (Sorry a little long)

<<One of the many changes that greeted developers when Mac OS X 1.0 was released was that the 'root' user was no longer allowed to login by default. This meant that many time-honored ways of launching command line tools with administrative privileges, such as using the 'su' tool, no longer worked.

Instead, Apple has provided a new framework, Security, to handle user authentication and launching administrative command line tools with root access, among other things. This new framework also provides a foundation for more sophisticated authorization architectures with finer granularity, such as role- or time-based access, in the future.

The Security framework introduces a new opaque type, the AuthorizationRef, that represents the current set of authorization privileges held by the user. After initializing an AuthorizationRef, you can use it to discover whether the user has authorization to perform a given task. You can also attempt to increase the authorized privileges, and optionally allow the Security framework to present the user with a panel to enter their password if needed.

To initialize an AuthorizationRef, you use the AuthorizationCreate function.

#include <Security/Authorization.h>
#include <Security/AuthorizationTags.h>

// We'll be hanging onto the authorizationRef
// and using it throughout the code samples

AuthorizationRef authorizationRef = NULL;

// The authorization rights structure holds a reference to an array
// of AuthorizationItem structures that represent the rights for which
// you are requesting access.

AuthorizationRights rights;
AuthorizationFlags flags;

// We just want the user's current authorization environment,
// so we aren't asking for any additional rights yet.

rights.count=0;
rights.items = NULL;

flags = kAuthorizationFlagDefaults;

err = AuthorizationCreate(&rights, kAuthorizationEmptyEnvironment,
flags, &authorizationRef);


Once you've initialized the AuthorizationRef, you can use the AuthorizationCopyRights function to determine whether the user is currently authorized to do something. To do this, you need to construct an AuthorizationRights structure containing the list of the privileges you require to perform your task.

AuthorizationItem items[1];
char sysctlPath[] = "/usr/sbin/sysctl";
BOOL authorized = NO;
OSStatus err = 0;

// There should be one item in the AuthorizationItems array for each
// right you want to acquire.

// The data in the value and valueLength is dependent on which right you
// want to acquire.

// For the right to execute tools as root, kAuthorizationRightExecute,
// they should hold a pointer to a C string containing the path to
// the tool you want to execute, and the length of the C string path.

// There needs to be one item for each tool you want to execute.

items[0].name = kAuthorizationRightExecute;
items[0].value = sysctlPath;
items[0].valueLength = strlen(sysctlPath);
items[0].flags = 0;

rights.count=1;
rights.items = items;

flags = kAuthorizationFlagExtendRights;

// Since we've specified kAuthorizationFlagExtendRights and
// haven't specified kAuthorizationFlagInteractionAllowed, if the
// user isn't currently authorized to execute tools as root,
// they won't be asked for a password and err will indicate
// an authorization failure.

err = AuthorizationCopyRights(authorizationRef,&rights,
kAuthorizationEmptyEnvironment,
flags, NULL);

authorized = (errAuthorizationSuccess==err);


You can use this to set the state of your ubiquitous lock/unlock button to indicate the user's current authorization status. You should not just cache the result of this and assume that the user will remain authorized. There appears to be a timeout on the AuthorizationRef privileges, and the user may need to re-authorize after an idle period. To be safe, use this technique each time you need to know whether the user is authorized to run your administrative tool.

(continue...in next post)

...from above)


When the user clicks your lock/unlock button, and you'd like the Security framework to present the user with a password panel and check their authorization, you call AuthorizationCopyRights again, this time adding the kAuthorizationFlagInteractionAllowed to the flags.

AuthorizationRights rights;
AuthorizationFlags flags;
AuthorizationItem item[1];
char sysctlPath[] = "/usr/sbin/sysctl";
OSStatus err = 0;
BOOL authorized = NO;

item[0].name = kAuthorizationRightExecute;
item[0].value = sysctlPath;
item[0].valueLength = strlen(sysctlPath);
item[0].flags = 0;

rights.count=1;
rights.items = item;

flags = kAuthorizationFlagInteractionAllowed
| kAuthorizationFlagExtendRights;

// Here, since we've specified kAuthorizationFlagExtendRights and
// have also specified kAuthorizationFlagInteractionAllowed, if the
// user isn't currently authorized to execute tools as root
// (kAuthorizationRightExecute),they will be asked for their password.

// The err return value will indicate authorization success or failure.

err = AuthorizationCopyRights(authorizationRef,&rights,
kAuthorizationEmptyEnvironment,
flags, NULL);
authorized = (errAuthorizationSuccess==err);

The Security framework will take care of authenticating the user's password, and also notifying the user if the login was incorrect. The only thing that will typically cause this call to return an error is if the user finally gave up and clicked 'Cancel' if they didn't know the password.

To launch the tool with root privileges, you use the AuthorizationExecuteWithPrivileges function. You pass it the AuthorizationRef, the tool path, the arguments for the tool, and an optional FILE* pointer for the tool's standard input and output.

char* args[3];
OSStatus err = 0;
FILE* iopipe;

// The arguments parameter to AuthorizationExecuteWithPrivileges is
// a NULL terminated array of C string pointers.

args[0] = "-w";
args[1]="net.inet.ip.forwarding=1";
args[2]=NULL;

err = AuthorizationExecuteWithPrivileges(authorizationRef,
"/usr/sbin/sysctl",
0, args, &iopipe);

//You can use the standard FILE functions, such as fread, to
//read the standard output of the task on iopipe.

If the user clicks your lock/unlock button to deauthenticate themselves, you use the AuthorizationFree function with the kAuthorizationFlagDestroyRights flag.


AuthorizationFree(authorizationRef,kAuthorizationFlagDestroyRights);


It's a good idea to explicitly do this before you quit your program as well, since in the current version of the Security framework, the user will stay authorized for a period of time after they quit your program if you don't destroy the authorization privileges you've acquired.

Along with this article, I've written a small Cocoa application project that uses the SecurityFramework to launch the sysctl tool and set the state of IP packet forwarding. It demonstrates putting a thin Objective C wrapper around these functions to create an easy way to get and set system variables via sysctl and the Security framework.>>


MervTormel,

check : 'man sysctl'

Any ideas?


(Sorry for the long post, but it's a very interesting subject)


Cheers...

Well, security issues aside, it seems to work (http://acosx1.aboutcomp.com/~crarko/desktops/fink_commander.html) fine.

I like the sort fields. I'd like it to report a count of installed packages.

Overall. a nice Cocoa front-end to fink. :)

nice pic. no window at your office? i like the juxtaposition of [ rain 46 ° ] and your desktop of outer space. ha. what is that menu weather app? is that weatherPop?

Hehe... my basement is my office; very cavelike. Yes, that's WeatherPop. Desktop pic courtesy the Hubble.

Craig,

Thanks for the picture.

Maybe you send a request about the count of installed packages to sburrios.


Cheers...

not sure if i'm on the right track here, or not, but otool will spit out a lot about the links in an executable...

$ otool -l /Applications/Utilities/Keychain\ Access.app/Contents/MacOS/Keychain\ Access | grep security
name /System/Library/Frameworks/Security.framework/Versions/A/Security (offset 24)
name /System/Library/Frameworks/Security.framework/Versions/A/Security (offset 20)
name /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.framework/Versions/A/SecurityHI (offset 20)
name /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SecurityCore.framework/Versions/A/SecurityCore (offset 20)

$ otool -l xdowns/finkcommander-0.2.1a/FinkCommander.app/Contents/MacOS/FinkCommander | grep security
name /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SecurityCore.framework/Versions/A/SecurityCore (offset 20)
name /System/Library/Frameworks/Security.framework/Versions/A/Security (offset 20)

$ otool -l /Applications/Utilities/NetInfo\ Manager.app/Contents/MacOS/NetInfo\ Manager | grep security
name /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/SecurityHI.framework/Versions/A/SecurityHI (offset 20)
name /System/Library/Frameworks/Security.framework/Versions/A/Security (offset 20)
name /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SecurityCore.framework/Versions/A/SecurityCore (offset 20)

--

the only distinction i can see is the SecurityHI.framework in the two apps that we think implement proper authentication. finkcommander's references may only be stubs?

Did a locate for SecurityHI and SecurityCore,

...........

Yes, it looks like SecurityHI deals with Cocoa.framework and Carbon.Framework while SecurityCore deals with the CoreServices.framework.


Cheers...

Hello, all.

I'm the developer of FinkCommander. "Sao" mentioned in an e-mail to me that he had started a thread on FinkCommander here, so I thought I'd take a look.

Craig, I like your suggestion on including the installed package count. There's a version in CVS now that makes it pretty easy to get this information, because it adds "Installed" to the fields you can use in the filter. But I've been thinking that I should add a command to the "Tools" menu that would allow the user to get general fink information, such as the package manager and distribution versions. It would make sense to include the installed package count.

I guess the other alternative would be to put it at the bottom of the window along with the total package count. Something like "1013 packages (150 installed)."

I'll probably be releasing a new version of FinkCommander this weekend, but if you're "brave" enough, you can get the latest changes via anonymous CVS. The instructions are at:

http://sourceforge.net/cvs/?group_id=48896

The primary new feature is the ability to use the Preferences dialog to change the fink.conf file. This makes it very easy to switch to using unstable packages and back again.

Sao, I'm afraid the method that Brian Hill uses to run tasks with root user privileges--launching them with the call to AuthorizationExecuteWithPrivileges--is deprecated. Apple now says you should put all tasks that require root user access in a "small faceless background tool that can be stored inside an application's package." You then use AEWP to make the tool setuid root. This explanation is provided in the README file for the AuthSample sample code at:
http://developer.apple.com/samplecode/Sample_Code/Security/AuthSample.htm

I've been trying to figure out how to incorporate the AuthSample approach into FinkCommander. I've read everything I could find on the subject on Apple's web site and on the Apple and OmniGroup mailing lists. I've even been reading the book "Advanced Unix Programming" on Safari (although I really have no business reading anything on Advanced Unix).

I'm beginning to think that using the Security Frameworks in FinkCommander may not be possible, at least for me. I may just have to leave it to users to decide whether they want to risk giving their password directly to the application. Since FinkCommander is open source, what it does with the password is at least transparent.

BTW, This is exactly what FinkCommander does to run commands with root privileges: It runs the command in an NSTask using "sudo -s." If a password prompt appears in the task's standard output, it writes the password to the task's standard input.

sburr,

Thanks to come by. Will get the latest changes from CVS.

The switch unstable/stable through the preferences dialog sounds great.

I'm an optimistic, even after reading about your studies, I still believe that using the Security Frameworks in FinkCommander might be possible. There must be a way...somehow.

Anybody from Apple care to comment ?


Cheers...

Hello,

Thanks for posting the link to the authsample code. I am working on a small app to create users on OS X (practice for a slightly bigger project) and the info is handy. It's an interesting approach that I'll have to get my head around though.


Vonleigh

Hi, sbur! I just this moment sent you an email before I saw your post here. Welcome!

I'll give a shot at the cvs repository as well. I'm liking the error notification feature as opposed to having to monitor stuff in the terminal all the time.

Merv
why again are you running strings against Netinfo Manager?
I mean I've heard of crackers running strings against core dumps to salvage usernames and passwords...

Also the new Apple Security Framework sounds a whole lot better than the dreaded traditional suid.

macubergeek, i was just looking for evidence of implementation of the security framework. grasping at straws, really. after considerable thought, i reckon that a good security implementation wouldn't reveal itself in the string pool.

I see now....Here's what you really want to do....maybe:D
run Netinfo Manager thru a decompiler then thru strings and look for the system calls that the security framework would use....But that may be a bit iffy and I'm sure Apple might take exception to that, so on second thought maybe not.

I have been giving a spin to the new version, and it works very well. It feels more polished and there are more options available.

sburr, thanks for the good work.

Screenshot:

http://homepage.mac.com/sao1/PhotoAlbum7.html


Cheers...

What I would like to see accompanying the README file is a brief BEGINNERS GUIDE about some of the more useful packages that can be installed with FinkCommander (Fink). Like for example, XFree86-rootless, The Gimp, imagemagick, abiworld, gnumeric, Siag, lyx, vim61, xemacs, ncurses, xmms, lame, xchat, fileutils, ispell, screen, rsync, macosx-file-pm, pine, openssh, mysql, postgresql, mozilla, lynx, the whole enchilada of the gnome packages, aterm, eterm, bash, and of course the different window managers, wmaker, blackbox, enlightenment, icewm, oroborus2, etc.etc.

The guide should be written in general terms and mostly to encourage and put at ease the real beginner, that I suspect, is the one that is going to feel more attracted to use FinkCommander.


Cheers...

Sao,

Why don't you start with a preview? ;) For example, I've only installed xfree-rootless, the gimp and a few other things (oroborOSX i got from the developers website, thought it was easier taht way).

How about devoting a sentence to each one, maybe what it does, or why you think it would be good to have it installed (provided of course you have the time and want to).



Vonleigh

Sure, I can give it a try. But it's going to be very simple, so please don't expect a complete fink guide.

Cheers...

Great, thanks Sao,

I encourage anyone to post a few lines on their favorite fink-installable package and why they like it or think a newby should experiment with it or think everyone should install it.



Vonleigh

Seems to work for me. The only problem I ran across was that there was no cancel or way to back out. (Maybe my own ineptitude;)) I made a wrong selection at one of the prompts for an option. I hit cancel at the next request but it just sat there waiting. When I hit interact with fink, I had the same question come up. I had to quit out of commander to stop the process.

Another question, and this may have been answered elsewhere, I've already installed MySQL manually. Should I remove it and install through fink? Any dangers to this?

Thanks. :D

bakaDeshi, look at this (http://forums.macosxhints.com/showthread.php?s=&threadid=2849&highlight=fink) thread's discussion on fink and removing old packages.
Also, I second the want of a cancel button, or something to that effect. Sure wish I knew how to program.

vonleigh:
I like xscorch and dopewars (games), also fortune is a neat program to put in your .cshrc.

I can certainly understand the frustration at not being able to terminate a fink command from within FinkCommander. I attempted to add a terminate command for the latest release, but for some reason the Cocoa methods that should stop a running process (NSTask terminate and NSTask interrupt) almost never work on the processes that run under FinkCommander.

This is curious, because NSTask terminate is supposed to do the same thing that ^C does (raise a SIGTERM signal). I've never had a problem terminating a fink command on the command line using ^C.

I plan to keep working on this and hope to have a fix in the next release. In the meantime, as the help file ("Known Bugs and Limitations") indicates, you can always quit FinkCommander, which stops all the subprocesses. Fink seems to do an excellent job of recovering from interrupted processes.

xchanyazy: If you wish you could program, then learn! Based on my own experience as an amateur who had to learn in his spare time, I would highly recommend starting with Python (http://www.python.org) , which you can install with Fink.

Justin Hallett, one of the fink developers, commenting on FinkCommander :

<<Dude very good, work it's very nice and usable now. I'm very impressed
and will try using it for awhile to see what feedback i can give you. as
for now i think fink scanpackages just be run before apt-get update, for
the apt update feature, but I'll coment more after more usage, keep up the
good work, I think it's almost ready to have alink on the fink page. That
is my vote :P>>


Cheers...

FinkCommander version 0.3.1 released

<<This version includes a package inspector, terminate command, contextual menu for running commands, access to additional fink.conf parameters and a revamped Preferences panel.>>

It's getting better and better. To have a terminate command is great.


Cheers...

Ask for a feature and get it. hehe:D

Also, Can it pick winning lottery numbers? Wake me up in the mornings with coffee and breakfast?:p

I am using it and it works great. I refused to use apt and dselect while still in the unix world (no debain for me), and this tool is great for Mac...

Was scrolling thru the list of packages in Fink Commander when I saw an interesting "package" listed as unstable...see this screenshot (http://www.russcam.com/temp/FinkCommanderSS001.jpg).

rusto,

Yes, I saw it before when I run in terminal: 'sudo fink list'

i macosx------------10.1.5-1-----[virtual package representing the system]


Cheers...

Copied a post to the fink-users list by sburr:

<<Version 0.3.2 of FinkCommander includes a new view menu that allows the
user to choose which columns to display in the table, improved methods
of communicating feedback to package maintainers and other enhancements.

You can download the new version directly from the FinkCommander home
page at http://finkcommander.sourceforge.net.>>

Cheers...