Re: Secure privilege escalation

[Ethan C]

I would recommend that if you don't use polkit and you don't use a setuid binary, that you use sudo. sudo accepts the `-A` flag or the `SUDO_ASKPASS` environment variable to specify a graphical program to tell sudo the password; examples of programs that do this are `ssh-askpass`, `gnome-ssh-askpass`, `ksshaskpass`, and `lxqt-openssh-askpass`. If you don't want to write an askpass binary using GNUstep-GUI, I'd recommend that you depend on `gnome-ssh-askpass` since almost all graphical users will have Gtk installed and have a desktop environment which properly handles Gtk applications (the desktop environments normally do not set `SUDO_ASKPASS` or `SSH_ASKPASS`; you'll need to set it yourself when you call `sudo`).

On 2/2/25 16:55, Riccardo Mottola wrote:

> Hi
>       James,
>       
>       
>       James Carthew wrote:
>       
> >         
> >         I want a way to escalate the privileges of my application to
> >         root level, but only for the specific function. I also only want
> >         the user to authenticate once and then have their escalated
> >         privilege exist until they close the plugin. Similar to the
> >         unlock padlock button in OSX's SystemPreferences.app. Does
> >         anyone know howto implement this?
> >         
> >       
>       
>       no.. I have never found a portable way of doing this that would
>       doing this that would work at least on Linux and BSDs.
>       
>       I even wonder if Mac offers an API to do it that we should
>       reimplement.
>       
>       
>       lacking that, i never added certain features to SystemPreferences
>       myself wanting it to remain portable.
>       
>       
>       I think of a couple of approaches. The most portable would be to
>       interact somehow with sudo, being it either present in base system
>       or available as a package on most systems I can think of.
>       
>       
>       Another question is how it actually works on Apple. On my mac I am
>       both a user and an admin user, so it looks I am authenticating
>       myself essentially. But in case I were Joe and admin were Bob,
>       would I be entering Joe's or Bob's password?
>       
>       
>       Riccardo
>       
>       
>