search

kristovatlas / osx-config-check

Verify the configuration of your OS X machine.
MIT License
1.25k stars 111 forks source link

decide how to deal with sudo/administrative issues #23

Open kristovatlas opened 8 years ago

kristovatlas commented 8 years ago

It's probably a good practice to mostly use a non-admin account, but the non-admin won't be able to change configurations unless at least added to the sudoers list. Need to decide how to resolve this catch-22.

kristovatlas commented 8 years ago

relevant: https://github.com/drduh/OS-X-Security-and-Privacy-Guide/issues/9

kristovatlas commented 8 years ago

4 partially resolved this by always trying to perform checks and implement fixes without sudoers rights. I think the next step is just to clarify the README to state that the script should be executed once per user. I may also want to output some direction to the user in the case that a config fix is user-specific && the fix requires admin rights && the user doesn't have admin rights; if there are any configs that match this pattern, I must weigh the risk of adding the user to the sudoers file vs. not having the desired configuration, or examine other options for escalating privileges other than sudo.