twocanoes / xcreds

Open Source Project for Syncing IdP password with macOS login password
BSD 3-Clause "New" or "Revised" License

[Feature Request] - Privilege Elevation via the XCreds menubar #197

Open CycleParm opened 5 months ago

CycleParm commented 5 months ago

• Allow a standard user to elevate their privileges for a defined amount of time through the XCreds menubar item.
• Provide a time remaining countdown timer

everetteallen commented 5 months ago

It would be very interesting to add functionality from SAP Privileges along with a true macOS timer to help meet the community needs here. What do you think, Tim?

twocanoes commented 2 months ago

Any more information? How would this be allowed / disallowed? Via MDM?

everetteallen commented 2 months ago

I would add two keys to the configuration profile:

1) allowPrivilegeElevation Bool True/False - that would activate the feature
2) privilegeElevationAllowGroup String whatevergroupname - would be the name of an Entra/Okta/Google/OIDC/etc. group whose members are allowed to elevate privileges if allowPrivilegeElevation is true. If this key is not set, all standard users would be allowed to elevate.

twocanoes commented 2 months ago

Why not just use SAP Privileges? So you have one less menu item?

everetteallen commented 2 months ago

Several reasons, but the biggest is that Privileges does not have a reliable demotion mechanism, depends on deprecated launch agents, and can be removed when the primary function of the app is executed.
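
The two configuration keys proposed in the thread, combined with the timed elevation and countdown from the original request, as an added sketch (not XCreds code and not posted by any participant). The function names, the `duration_seconds` setting, the deny-on-malformed-group rule and the exact-match group comparison are assumptions.

```python
from dataclasses import dataclass

# Key names are the two proposed in the thread; they are not shipped XCreds settings.
KEY_ENABLE = "allowPrivilegeElevation"
KEY_GROUP = "privilegeElevationAllowGroup"


def may_elevate(profile: dict, idp_groups) -> bool:
    """Apply the proposed rules to one standard user's list of IdP groups."""
    # Feature is off unless the Bool key is literally True (absent or non-bool = off).
    if profile.get(KEY_ENABLE) is not True:
        return False
    group = profile.get(KEY_GROUP)
    if group is None:
        # Per the proposal: key not set means every standard user may elevate.
        return True
    # Assumption: a key that is present but empty or not a string is a
    # misconfiguration and denies, rather than falling back to "everyone".
    if not isinstance(group, str) or not group.strip():
        return False
    # Assumption: exact, case-sensitive match against the groups claim;
    # a missing claim (None) denies.
    return group in (idp_groups or [])


@dataclass(frozen=True)
class Grant:
    """A time-boxed elevation; duration_seconds is a hypothetical setting."""
    started_at: float
    duration_seconds: float

    def remaining(self, now: float) -> float:
        # Value for the countdown display; never negative.
        return max(0.0, self.started_at + self.duration_seconds - now)

    def must_demote(self, now: float) -> bool:
        # Also demote if the clock moved backwards past the start time.
        return now < self.started_at or self.remaining(now) == 0.0


def request_elevation(profile, idp_groups, now, duration_seconds=600.0):
    """Return a Grant if the policy allows elevation, else None."""
    if not may_elevate(profile, idp_groups):
        return None
    return Grant(started_at=now, duration_seconds=duration_seconds)
```
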