Wednesday, January 13, 2010

SETUID to bypass sudo every time....

To avoid using sudo every time, you can just enable the setuid bit on the application. Do this carefully though, because it means anybody who runs the program is running it with root permissions.

Okay, here's what you do: (most of it from the Terminal)

1. First, set the owner of the program to root. With the setuid bit enabled, the program is run with the permissions of the owner.
2. Set the group to admin (assuming you're a user in the admin group on a Mac). This way, only admin users have access to the program.
3. chmod 4750 programfilename

The chmod command alters the permission bits. In this case, here's what each digit represents:
4 - setuid bit enabled
7 - read, write, execute enabled for owner (root)
5 - read, execute enabled for group (admin)
0 - all other users have no access
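
As an added example (not from the original post), this shell function checks whether a file really ended up with the 4750 layout described above: setuid set, rwx for the owner, r-x for the group, nothing for others. The function names are hypothetical; the default owner root and group admin are the ones the post uses.

```shell
#!/bin/sh
# Added example (not from the original post): audit a file against the
# 4750 layout. Default owner "root" and group "admin" follow the post.

# findings_for_mode MODESTRING: one finding per line for a 10-character
# symbolic mode such as "-rwsr-x---"; prints nothing if it matches 4750.
findings_for_mode() {
    m=$1
    u=$(printf '%s' "$m" | cut -c2-4)    # owner triplet
    g=$(printf '%s' "$m" | cut -c5-7)    # group triplet
    o=$(printf '%s' "$m" | cut -c8-10)   # other triplet
    case $m in
        -*) ;;
        *) echo "not a regular file: this layout is meant for an executable program" ;;
    esac
    case $u in
        rws) ;;
        ??s|??S) echo "setuid set, but owner bits are $u (expected rws)" ;;
        *) echo "setuid bit not set (owner bits $u)" ;;
    esac
    case $g in
        r-x) ;;
        ?w?) echo "group-writable ($g): group members can modify the program" ;;
        *) echo "group bits are $g, expected r-x" ;;
    esac
    case $o in
        ---) ;;
        *) echo "others have access ($o), expected ---" ;;
    esac
}

# audit_setuid FILE [OWNER] [GROUP]: prints findings, returns 0 if clean.
audit_setuid() {
    f=$1; want_owner=${2:-root}; want_group=${3:-admin}
    [ -e "$f" ] || { echo "$f: no such file"; return 2; }
    set -- $(ls -ld -- "$f")                # $1=mode $3=owner $4=group
    mode=$(printf '%s' "$1" | cut -c1-10)   # drop any '@', '+' or '.' suffix
    out=$(findings_for_mode "$mode"
          [ "$3" = "$want_owner" ] || echo "owner is $3, expected $want_owner"
          [ "$4" = "$want_group" ] || echo "group is $4, expected $want_group")
    [ -z "$out" ] && return 0
    printf '%s: %s\n' "$f" "$mode"
    printf '%s\n' "$out" | sed 's/^/  - /'
    return 1
}
```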

I practically used this for Wireshark, which uses libpcap and /dev/bpf* (bpf: Berkeley Packet Filter). To capture data, the user must have read and write permission to /dev/bpf*.

So what I did is:

# ls -l /dev/bpf*
# chmod 4750 /dev/bpf*
# chgrp admin /dev/bpf*   (unfortunately there is no usermod command on the Mac)
