<div dir="ltr">Hey Rainer,<div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span style="font-size:12.8000001907349px">I mean, most users already run the port command as root. Any security</span><br style="font-size:12.8000001907349px"><span style="font-size:12.8000001907349px">vulnerability that can be exploited in the GUI would most probably also be</span><br style="font-size:12.8000001907349px"><span style="font-size:12.8000001907349px">exploitable from the command line when running with 'sudo port'. Or what kind of</span><br style="font-size:12.8000001907349px"><span style="font-size:12.8000001907349px">vulnerability do you have in mind?</span></blockquote><div><br></div><div>It'd most likely be more insecure due to the fact that Pallet has a constant Tcl shell running in the background, as well as it's running the entire GUI framework as root. </div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span style="font-size:12.8000001907349px">That would be very unfortunate. I would see the GUI as a way to give users</span><br style="font-size:12.8000001907349px"><span style="font-size:12.8000001907349px">easier access to MacPorts without the need to use the Terminal. Opening an app</span><br style="font-size:12.8000001907349px"><span style="font-size:12.8000001907349px">bundle should be the preferred way in my opinion.</span></blockquote><div><br></div><div>In order to achieve that, I'd have to replace the current authorization framework (option 1 of the original email). The only other option is that I may be able to get a launcher type script working (double-click and a "GUI-sudo" would launch Pallet as root). </div><div><br></div><div>-Kyle</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Aug 7, 2015 at 1:34 PM, Rainer Müller <span dir="ltr"><<a href="mailto:raimue@macports.org" target="_blank">raimue@macports.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 08/07/2015 09:18 PM, Kyle Sammons wrote:<br>
> That's right. I don't think it is unsolvable, just a lot of work to<br>
> figure it out, but the solution we implement here could also be used for<br>
> other applications. It might be worth the effort to have this.<br>
><br>
><br>
> I'm not sure too many other people would be able to benefit from it as the<br>
> issues we're having isn't so much with automatically generating a self-signed<br>
> certificate (that part is already written), but getting that to work within the<br>
> MacPorts build system.<br>
<br>
</span>Hm, but wouldn't that be helpful for other ports installing .app bundles? Maybe<br>
I don't have enough knowledge here to decide whether it is really useful.<br>
<span class=""><br>
> There would not be any new functionality in the graphical frontend that<br>
> could not also be exploited in 'sudo port' from the command line, right?<br>
><br>
><br>
> I'm not sure what you mean by that. Would you mind rewording it?<br>
<br>
</span>I mean, most users already run the port command as root. Any security<br>
vulnerability that can be exploited in the GUI would most probably also be<br>
exploitable from the command line when running with 'sudo port'. Or what kind of<br>
vulnerability do you have in mind?<br>
<span class=""><br>
> Would I have to type 'sudo pallet'? Will I be able to start the<br>
><br>
> application from an app bundle?<br>
><br>
><br>
> Currently yes, unless there's a way to launch an app bundle with superuser<br>
> privileges that I'm unaware of.<br>
<br>
</span>That would be very unfortunate. I would see the GUI as a way to give users<br>
easier access to MacPorts without the need to use the Terminal. Opening an app<br>
bundle should be the preferred way in my opinion.<br>
<span class="HOEnZb"><font color="#888888"><br>
Rainer<br>
<br>
</font></span></blockquote></div><br></div>