search

SAP / macOS-enterprise-privileges

For Mac users in enterprise environments, this application gives users control over the administration of their machine by elevating their level of access to administrator privileges on macOS. Users can set a timeframe in the application's settings to perform specific tasks, such as installing or removing an application.
Apache License 2.0
1.4k stars 150 forks source link

[Feature Request] - Local Authentication with the PrivilegesCLI #35

Closed geoffrepoli closed 1 week ago

geoffrepoli commented 2 years ago

When the RequireAuthentication setting is enabled, PrivilegesCLI will prompt the user to enter their password by passing it through stdin when using the --add switch.

As I am interested, and I'm sure others are as well, in creating custom workflows for temporary, on-demand privilege escalation, the only way to pass the user's credentials to authentication presently is through insecure AppleScript prompts that then passes it in cleartext to the command line.

I'm curious if it's possible (and if so - would love to have this feature realized) to leverage LAPolicy.deviceOwnerAuthentication within the CLI tool to create a prompt identical to the one that appears when requesting privileges through the Privileges GUI

mthielemann commented 5 months ago

This will be implemented in Privileges 2.0.0, which will be available later this year.