Having a privileged helper tool would enable a few more possibilities, such as
flood ping (see #13)
mtr instead of traceroute (traceroute seems to be setuid; otherwise, it, too, would require sudo)
But that's a lot of work. One path would be an installer package. Another is to have an API prompt for authorization on first use, then install a helper tool, which in turn is restricted to only do the necessary privileged things. The way to do that these days seems to be SMJobBless.
[x] Have a separate project for the helper tool
[x] Code-sign both the main project and the helper project
[x] Have SMPrivilegedExecutables on the main project reference the helper
[x] Have SMAuthorizedClients on the helper project reference the main app
Having a privileged helper tool would enable a few more possibilities, such as
traceroute
seems to be setuid; otherwise, it, too, would require sudo)But that's a lot of work. One path would be an installer package. Another is to have an API prompt for authorization on first use, then install a helper tool, which in turn is restricted to only do the necessary privileged things. The way to do that these days seems to be SMJobBless.
SMPrivilegedExecutables
on the main project reference the helperSMAuthorizedClients
on the helper project reference the main app