Only the privileged component, which is monitored and specially protected by macOS has this technical capability. Even if an unauthorized attacker would manage to manipulate the main program, it could not trigger any malicious functions in the computer, because it could not get permission to do that. A second component, the so-called privileged helper does this work by receiving the request of the main application via a secure, tap-proof channel. The privileged job is not executed by the main application, however. If yes, the task will continue and the privileged operation can start. However, as soon as a privileged operation has to be executed, for example changing a setting that takes effect for all users of the computer, not only the current one, the application stops, makes you aware of the pending task, and checks whether the current user can identify herself as system administrator. It also executes all tasks that don’t require any special permissions. To guarantee a high security level, TinkerTool System works in two parts: The normal main application with the graphical user interface is coordinating all operations.
Only responsible system administrators who manage the respective computer should be allowed to perform such actions.
This is necessary because the application can be used to perform critical operations in macOS, for example to alter or even delete operating system files. When you launch TinkerTool System for the first time, it will automatically integrate into the security model of macOS.
0 kommentar(er)
