MacPorts shell mode

Rainer Müller raimue at macports.org
Thu Oct 19 20:07:00 UTC 2017


On 2017-10-19 19:28, Christopher Jones wrote:
> 
>> If you really want to run a command without typing your password,
>> configure the sudoers file accordingly. There are plenty of guides on
>> the web on how to do this, or see 'man sudoers' and 'man visudo'.
>>
>> Be aware of the security implications such a configuration has. Allowing
>> to run port without sudo effectively allows to run any command as root,
>> as it is trivial to execute other binaries.
> 
> Not true. In fact it is the exact opposite, more secure, if configured
> correctly.
> 
> You can configure sudo so *only* /opt/local/bin/port is allowed to run
> without a password. Any other use of sudo still requires the password. 
> 
> The reason doing this is more secure is because you can run ‘sudo port
> XYZ’ without entering any password, which means any subsequent sudo
> command will require authentication with a password. As a example
> 
>> sudo port XYZ
>> sudo rm -rf /opt/loca>
> has a very different outcome in the two cases… If you have configured
> sudo to allow the first to run without a password, the second will
> prompt you, at which point you might reconsider what you are doing… 

This only adds a safety net, so it stops you from running such a command
accidentally. However, in terms of security, allowing to run 'port'
without password is equivalent to allowing the user to run any command.

One of the simplest possible ways to gain privileges would be something
like 'sudo port edit --editor <...>'. That definitely affects security.

Of course in the end it is still the decision of each user whether this
is grave enough or if the enhanced user experience is more important.

Rainer


More information about the macports-users mailing list