Hacker News new | past | comments | ask | show | jobs | submit login

Sparkle works with sandboxed applications, and it doesn't muck around with /var.



But can you put an application in /Applications (requires administrator privileges), then have a non-administrator user run the app and complete an update?


Why is my non-Admin user doing an update? If they are locked down then they are locked down. Other means are probably being used.

Plus, thinking about it, how does Google deal with Carbon Freeze?


Nope, of course not. You will get an admin password prompt.


Right. But Chrome allows you to do that if the administrator has enabled it. To handle that securely, though, would likely require a specifically restricted daemon or setuid process that is well beyond most normal update use cases. And that might explain why they couldn't just use Sparkle.


The point is this shouldn't need to be done. If an administrator has installed an app, then it's the administrator's responsibility to update it. If I want to update an app myself, I'd install it in ~/Applications instead.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: