pirate / security-growler

A Mac menubar app that notifies you whenever SSH, VNC, sudo, or other auth events occur.
https://sweeting.me/security-growler
861 stars 57 forks

Giving informative alerts for admin-owned sockets requires running the app as root #8

Closed pirate closed 7 years ago

pirate commented 8 years ago

Unfortunately getting the PID of a process attached to a given port seems to require root privileges on unix.

The options are:

Gives PID, process, and owner. Requires root:

sudo lsof +c 0 -i:5900

Gives no PID, owner, or name. Doesn't require root, and almost 2x the speed of lsof

netstat -tan | grep '[:.]5900'

If anyone has any advice on how to get around this conundrum, I'd love to hear. VNC is currently the only logger that requires root permissions, all the others work fine if the user has read access to /var/log/. I really don't want to ask for an admin password for the app if I don't need to, but at the same time this is valuable connection information that I want to see if someone is VNCing into my computer.

pirate commented 8 years ago

The temporary solution is to stick lsof in your sudoers file using sudo visudo:

# add to end of file
yourusername ALL=(ALL) NOPASSWD: /usr/sbin/lsof

The security implication of doing this ^ is that any program running as your user can now see previously inaccessible details about root-owned sockets.

pirate commented 7 years ago

I've decided I don't want SG running as root ever, the security risks are simply too great. For now, VNC connection alerts will be limited to "a VNC connection has been opened", without showing which process is opening the connection. I may add instructions for power users to enable root mode, but for now I'm removing all sudos from the SG code.
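
Added example, not part of the thread and not Security Growler's own code: a root-free check built on the `netstat -tan` option above, tightened so that only ESTABLISHED connections whose local port is exactly 5900 are reported (the plain `grep '[:.]5900'` also matches LISTEN lines, outbound connections to a remote port 5900, and ports such as 59001). The function names and the sample netstat lines are constructed for illustration.

```shell
#!/bin/sh
# vnc_peers (hypothetical helper): read `netstat -tan` output on stdin and
# print the remote endpoint of every ESTABLISHED TCP connection whose LOCAL
# port is exactly $1 (default 5900). No root needed; no PID or owner either.
vnc_peers() {
    awk -v port="${1:-5900}" '
        $1 ~ /^tcp/ && $NF == "ESTABLISHED" {
            local_addr = $4; remote = $5
            # macOS prints addr.port, Linux prints addr:port.
            # Anchoring at the end of the field rejects 59001 and similar.
            if (local_addr ~ ("[:.]" port "$")) print remote
        }'
}

# vnc_alerts (hypothetical helper): one alert line per distinct remote endpoint.
vnc_alerts() {
    vnc_peers "$@" | sort -u | while read -r peer; do
        printf 'a VNC connection has been opened (remote endpoint %s)\n' "$peer"
    done
}

# Constructed sample input covering macOS-style and Linux-style rows.
sample_netstat() {
cat <<'EOF'
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  192.168.1.10.5900      192.168.1.23.51234     ESTABLISHED
tcp4       0      0  *.5900                 *.*                    LISTEN
tcp4       0      0  192.168.1.10.59001     192.168.1.40.443       ESTABLISHED
tcp4       0      0  192.168.1.10.51000     192.168.1.50.5900      ESTABLISHED
tcp        0      0  10.0.0.5:5900          10.0.0.7:40022         ESTABLISHED
EOF
}

# Demo on the sample; on a real machine use: netstat -tan | vnc_alerts
sample_netstat | vnc_alerts
```
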