Calling system("open <app name.app>") sometimes causes app to be launched as root

Question

I've got an application (A daemon inside /Library/StartupItems to be precise) running as root that occasionally launches another process using system("open /Applications/MyAppName.app"). This works fine except that on certain computers MyAppName gets launched running as root, instead of under the current user.

I'm trying to figure out why this is, and how I can get the application to always launch as the current user.

The issue seems to occur at enterprise sites running some combination of Open/Active directory. I have somewhat limited access to these machines so I'm trying to at least form some hypotheses before I request more time on them.

The one other clue I have is that on at least one of these computers if you open up Activity Monitor and inspect the "Finder" process, the "User:" section shows user name but no user id (the "(UID)" section is entirely missing).

Also, the Parent Process shows as "launchd (1)" rather than "launchd (95)" like most standard applications do. This instance of launchd I believe is the run that's the first thing to start up any time the computer is booted up and runs as root, as compared to the other instance of launchd which runs as the logged in user.

Besides the obvious security concerns, I need the application to not run as root so that it will support things such as being open for/visible to two simultaneously logged in users.

Does anybody have any ideas about what might be causing this or how I might go about solving it?

Answer 1

I’ve got a few comments:

1. You should make your daemon a proper launchd daemon, i.e. stick a plist in /Library/LaunchDaemons. /Library/StartupItems is obsolete. See http://developer.apple.com/documentation/MacOSX/Conceptual/BPSystemStartup/BPSystemStartup.html.

2. You probably shouldn’t be launching the second daemon directly from your daemon. You should probably make it another daemon.

3. Make sure you’re familiar with this Tech. Note: http://developer.apple.com/technotes/tn2005/tn2083.html. It’s essential reading and should explain why there’s more than one launchd process and should give you decent clues as to what’s going wrong in your case.

4. As an aside, open is just a wrapper around Launch Services which you can access directly, rather than calling system. However, as I said, you shouldn’t be launching your second daemon using open or Launch Services.

If you can post more detail about exactly what it is your daemons do, we might be able to give you advice as to the best way to do it. For example, it’s often best to have your launch daemon launched on demand rather than have them running continuously.