For Mac users in enterprise environments, this application gives users control over the administration of their machine by elevating their level of access to administrator privileges on macOS. Users can set a timeframe in the application's settings to perform specific tasks, such as installing or removing an application.
Apache License 2.0
1.4k
stars
149
forks
source link
LimitToUser doesn't work if NSUserName is not lowercase #15
In an environment where the NSUserName value is not all lowercase, the LimitToUser feature doesn't work, because the input from the config profile automatically gets lower-cased. The case normalization would need to happen on both sides being compared, or better, should do a case-insensitive comparison. Something like:
(limitToUser && !([limitToUser caseInsensitiveCompare:_currentUser] == NSOrderedSame))
I wasn't able to test above, due to issues with the linking in the Xcode project I encountered.
https://github.com/SAP/macOS-enterprise-privileges/blob/4ab3d190cc827f059e3779a5a09d2921c71b4459/source/Privileges/AppDelegate.m#L370
In an environment where the NSUserName value is not all lowercase, the LimitToUser feature doesn't work, because the input from the config profile automatically gets lower-cased. The case normalization would need to happen on both sides being compared, or better, should do a case-insensitive comparison. Something like:
(limitToUser && !([limitToUser caseInsensitiveCompare:_currentUser] == NSOrderedSame))
I wasn't able to test above, due to issues with the linking in the Xcode project I encountered.