Security and Permissions in Mac Application Development: Root Privilege Access and Entitlements

I am developing a Mac application. Within this application, I need to execute certain commands and expressions with root privilege access. I am working to perform this action, and once authenticated, it should persist throughout the entire app lifecycle. Similar to allowing keychain access for Xcode applications by selecting the 'Always allow' permission.

Please let me know:

1. Is it possible for a third-party application to exhibit such behavior?

2. If it is possible, what type of permissions do I need to set?

3. Do I need any specific entitlements for this?

Thank you for your insights and assistance. Your responses are highly valued, and any guidance you can provide will be greatly appreciated.

Up vote post of albinjoseph Down vote post of albinjoseph
372 views
Posted by
albinjoseph
Reply
Add a Comment

Replies

I am developing a Mac application.

The answer here depends on your distribution channel. If you’re planning to distribute your app via the Mac App Store, privilege escalation is not allowed. See clause 2.4.5(v) of the App Store Review Guidelines.

If you plan to distribute directly using Developer ID signing, privilege escalation is quite feasible. I summarise the options available in BSD Privilege Escalation on macOS.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Post not yet marked as solved Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

I need to achieve the following behaviour in my App

  1. When the app is run for the first time, prompt the user to authenticate by entering their administrative password.
  2. Upon successful authentication, securely store the administrative password using macOS Keychain Access.
  3. For subsequent executions of the same command, retrieve the stored password from the Keychain and use it to execute the privileged command without requiring the user to enter the administrative password again.
  4. By implementing this approach, users will only need to authenticate once, and subsequent executions of the privileged command will be seamless without further authentication prompts.
Posted by
albinjoseph
Up vote reply of albinjoseph Down vote reply of albinjoseph
Add a Comment