I have a folder A owned by me. This folder A is containing a folder B owned by root. Folder B is containing some files, owned by root too.
In OS X, if I move the folder A into the Trash, I can empty the trash without any authenticating (as admin) dialog.
I want to do the same with code.
Using Terminal (rm, cp, mv, …) or AppleEvent, I always have permission denied or authenticating dialog. AppleEvent let me move the folder A into the Trash, but, as I don’t selectively empty the trash, I don’t want to go this way.
Does someone know how I can achieve this in code without giving root or admin password ?
If you think about it, an app that could do that without authenticating would be a terrible security risk.
There was a long thread about a similar concern, but the idea is to enter the password when prompted :
https://forum.xojo.com/4966-sudo-shell-command/0
Why the Finder allow me to do that ? I would just do the same, except I don’t want to put the folder to the trash as I cannot empty the trash selectively.
According to some discussion on Linux forum, we can even do that on that OS with some simple terminal command (cp, mv). Remember I’m the owner of the parent folder and have read, write and execute rights on this folder. This is why, I suppose, the Finder allow me to delete this parent folder. But I’ve not found a way to reproduce this behavior in code.
[quote=223557:@FranoisVanLerberghe]I have a folder A owned by me. This folder A is containing a folder B owned by root. Folder B is containing some files, owned by root too.
In OS X, if I move the folder A into the Trash, I can empty the trash without any authenticating (as admin) dialog.
I want to do the same with code.
Using Terminal (rm, cp, mv, …) or AppleEvent, I always have permission denied or authenticating dialog. AppleEvent let me move the folder A into the Trash, but, as I don’t selectively empty the trash, I don’t want to go this way.
Does someone know how I can achieve this in code without giving root or admin password ?[/quote]
When you use AppleEvents in AppleScript, you simply automate Mac OS X you are already logged in. Note that System Events is verboten when an app is sandboxed, for just the same security reasons. When you use a shell, would that be inside an app or with Terminal, it is in fact a child process, a new user if you will. Hence the need to log in when dangerous operations of critical files and folder are accessed.
Unix is a very safe environment. It has built in measures to prevent a user from damaging another user files, or worse, root owned files that are usually critical.
In order to mess with files owned by root, you must be logged as Root.
https://support.apple.com/en-us/HT204012
Just pray for what you propose keeps being impossible, for fear malware authors start cleaning up your Unix system files…