admin user (and ditto group member) no longer has the corresponding permissions?!
Clemens Lang
cal at macports.org
Mon Jul 27 22:15:22 UTC 2020
Hi,
On Mon, Jul 27, 2020 at 09:10:40PM +0200, René J.V. Bertin wrote:
> To streamline things as a port dev/maintainer I've set `macportsuser`
> to myself, which means that as a member of the admin group I get to do
> a lot of things without needing to sudo all the time. I know the
> risks, and always managed to avoid them.
Don't do that, that completely breaks the privilege separation. You
might as well use a non-root install then.
This configuration is also unsupported. This means that you should not
expect support on this mailing list for such a configuration.
> Now, to make this more interesting: the above applies to a shell
> running in a terminal emulator that gets started when I launch my X11
> environment (from the X11 icon in the Dock). Shells running in
> Terminal.app (also launched from the Dock) give me all the permissions
> I expect, and if I start my X terminal emulator from such a shell it
> inherits those permissions. Launching X11 from a shell in Terminal.app
> doesn't help.
macOS has been doing capability management on top of traditional unix
permissions for a while now, for example associated to your aqua login
session. This list isn't the place to ask about those details, Apple
documentation, and Apple forums are.
--
Clemens
More information about the macports-dev
mailing list