[X4U] Configuring an App to Run as Root

David Ledger dledger at ivdcs.demon.co.uk
Sun Jul 4 00:23:55 PDT 2004


>From: drunk <lists at drunkenbatman.com>
>Message-ID: <20040703015434618288.GyazMail.lists at drunkenbatman.com>
>Subject: Re: [X4U] Configuring an App to Run as Root
>
>On Thu, 1 Jul 2004 15:35:01 -0700, Rick Gordon wrote:
>>  What is the most streamlined way to set up an application to run with
>>  root ownership while you are logged in as an administrative user? I
>>  know you can set this up with an application like Pseudo, but how
>>  would you do it directly? Simply changing the permissions to root
>>  ownership doesn't seem to accomplish it. I think because it's still
>>  looking for ancillary files such as preferences inside my user
>>  folder, while when I run via Psudo, it works properly, looking for
>>  the files downstream from /private/var/root.
>
>I think you're going to be out of luck here, although with 10.4 and 
>ACLs this might get a little easier. Changing the permissions to 
>root ownership won't accomplish it because you're launching the app 
>as the administrator, not root, so its launched with administrator 
>privileges. Changing its privileges to root basically just locks 
>people who aren't root out of using it. Apps like Pseudo basically 
>do the opposite, launching the app from root so it has root 
>privileges are far as the OS is concerned.

'changing the permissions to root ownership' only stops others using 
it if the permissions deny execution by 'Others'.  The 'Get info' 
pane on an appication doesn't mention execute, only read and write, 
so you'd have to use the CLI to change execute permission.  I think 
you'll find that most Applications are owned by root, showing as 
'System' in 'Get info'.  Changing the owner:group to root:admin and 
the protection mode of the actual binary executable within the bundle 
to read -rwsr-xr-x with
	chmod u+s <pathname of binary>
should make it run as root, whoever runs it.  -rwsr-x--- will make it 
run as root for all admins and not at all for others. Making it run 
as root for admins and themselves for others is not possible just by 
setting owner/permissions.  We're already on the borders for 'X for 
Users' here.

David


-- 
David Ledger - Freelance Unix Sysadmin in the UK.
Chair of HPUX SysAdmin SIG of hpUG technical user group (www.hpug.org.uk)
dledger at ivdcs.co.uk (also dledger at ivdcs.demon.co.uk)
www.ivdcs.co.uk



More information about the X4U mailing list