<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Right, I'm just trying to understand
how Apple's works without such things.<br>
<br>
Or actually, does it? I just tried sshing using the stock
lldb/debugserver, and that doesn't work either.<br>
Well I guess that answers that... :)<br>
<br>
<pre class="moz-signature" cols="72">Richard Mitton
<a class="moz-txt-link-abbreviated" href="mailto:richard@codersnotes.com">richard@codersnotes.com</a></pre>
On 08/06/2013 03:29 PM, Benjamin Kemper wrote:<br>
</div>
<blockquote
cite="mid:CAEauBkt=9-wKPuLk_sq8=rELhEC70SV5PnVjO2qg_1eh=1kAKw@mail.gmail.com"
type="cite">
<div dir="ltr">To permanently allow, edit "<font face="courier
new, monospace">/etc/authorization</font>" and change the
value of the "<font face="courier new, monospace">system.privilege.taskport</font>"
key to "allow" (if I remember correctly). Be careful though, as
this will allow any program on the system to use <font
face="courier new, monospace">task_for_pid</font>. I think you
can further play with this to allow only a specific user or
group but I haven't tried it yet.
<div>
<br>
</div>
<div>To allow the use of <font face="courier new, monospace">task_for_pid</font>
only for the current SSH session use:</div>
<div><font face="courier new, monospace">security authorize -l
-c system.privilege.taskport</font><br>
</div>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Wed, Aug 7, 2013 at 1:23 AM, Richard
Mitton <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:richard@codersnotes.com" target="_blank">richard@codersnotes.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Hi all,<br>
<br>
So I'm trying to build debugserver for OS X. I followed all
the steps in code_signing.txt and was able to get a
debugserver binary.<br>
<br>
When I run lldb using this binary, I get a dialog asking for
'Developer Tools Access' in order to run it. If I enter my
password this works fine. (although I'm not sure if it
sticks over a reboot)<br>
<br>
-However- if I try and SSH into this machine and run it from
there, it fails ("initial process state wasn't stopped"). I
believe this is because the permissions dialog only applies
to the current session, so the SSH shell doesn't inherit it
(and can't open a GUI to ask me).<br>
<br>
So, what is the process needed to permanently grant
permissions for the debugserver binary? I can make it work
by changing the owner of the file to root/wheel and setting
the setuid bit, but I'm not sure if this is the right
solution.<span class="HOEnZb"><font color="#888888"><br>
<br>
-- <br>
Richard Mitton<br>
<a moz-do-not-send="true"
href="mailto:richard@codersnotes.com" target="_blank">richard@codersnotes.com</a><br>
<br>
_______________________________________________<br>
lldb-dev mailing list<br>
<a moz-do-not-send="true"
href="mailto:lldb-dev@cs.uiuc.edu" target="_blank">lldb-dev@cs.uiuc.edu</a><br>
<a moz-do-not-send="true"
href="http://lists.cs.uiuc.edu/mailman/listinfo/lldb-dev"
target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/lldb-dev</a><br>
</font></span></blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div dir="ltr">Benjamin.</div>
</div>
</blockquote>
<br>
</body>
</html>