Closed StevenSorial closed 1 year ago
@MattKiazyk I hope this PR can be merged soon đ€đŒ
@MattKiazyk Is this pr a no-go? I was hoping it could be merged, so follow it with other PRs.
Hi @StevenSorial Thanks for your patience and the time you spent on the original PR.
Some discussions happened about what we want to accomplish with sudo vs requesting the password when we need it and we've come to the conclusion that we don't want to higher permissions if we don't need them for all the functions.
This accomplishes a few things. It doesn't allow some accidental code that needs higher permission from actually getting it and It's being a nice player in open source.
I believe all the higher level privileges that are needed are after download/extract, so it might be a good addition to have a --skip-post-install
or something similar where it doesn't approve license, run first time to install additional components, etc.
Thanks for your patience again.
Thank you for your response and sorry for my late reply. I will present some arguments why I think that might not be the right decision but feel free to skip them if it's not open for discussion.
runtimes
sudo
implementation, so this PR just make it consistent across the whole app. It was not a security/stability concern for the runtimes command, so I donât see why it will be for the other commands.DECISIONS.md
Run xcodes with sudo: xcodes doesnât need elevated privileges the entire time, and means simple programmer mistakes can have bad consequences
It doesnât allow some accidental code that needs higher permission from actually getting it and Itâs being a nice player in open source.
While this concern is legitimate, I think itâs exaggerated. Many of the command line tools we use sometimes require sudo, and we donât think much about it because they most probably have a good reason why they needed it, and because the community already tried and trusts the developers.
Also, In this PR and in #230, sudo is not always required, and only requested when the user entered a command that will require it, e.g, for runtimes, sudo is not required when only downloading an image or when installing >=iOS 16 image.
Personally, as a user, I would be more concerned if a program is handling my password manually instead of the shell/system
Itâs being a nice player in open source
Maybe I donât look into many CLI tools code, but I personally have never seen this solution. Moreover, I see it as a maintainability burden. I also had some problems with it while implementing #230 where it sometimes asked for the password while I already had privilege + It doesnât work when using touchid for sudo.
@MattKiazyk @rogerluan What do you think? I hope that I'm not arguing too much đ
This PR removes the old
sudo
implementation, and uses the same behavior used byruntimes
.