I'm using setregproptool to set and delete firmware passwords, and I have to include the password in the script. Is there a way to make it so the postinstall script, or at least the password in it, can't be read? Is there a better way to achieve my goal without actually touching the machine?
I'm copying the binary to one location (/Users/Shared/.z9-fp/), and then running a postinstall like this:
Not that I am aware of. Best you can do is make the script owned by root and mode 700. But that's easily bypassed by anyone halfway clever or with admin rights.
Greg:
I'm using setregproptool to set and delete firmware passwords, and I have to include the password in the script. Is there a way to make it so the postinstall script, or at least the password in it, can't be read? Is there a better way to achieve my goal without actually touching the machine?
I'm copying the binary to one location (/Users/Shared/.z9-fp/), and then running a postinstall like this:
!/bin/bash
"/Users/Shared/.z9-fp/setregproptool" -d -o xxxxxxxxxx
exit 0
Thanks,
Yehuda