| Dear all,
So I spent a large portion of my day today, trying to understand sudo and how to make it so that a single command could be free from request for a password when run by an administrator.
Thankfully, I have a colleage much smarter than I, who was able to point me in the right direction. (I hesitated to ask on this forum because of the sensitive nature of learning how to override the password protection for [any] particular command in Terminal.)
But here is what is disconcerting for me: I have a 15-year old who spends a lot of time playing MineCraft. From what I can tell is that maybe Minecraft itself is not hackware, but the mods, I think are. thus, by playing Minecraft, my daughter has become pretty savvy with terminal, _javascript_, applescript, etc. It’s great when I need her assistance with an applescript!
What concerns me however, is this evening, when I told her the problem I was working with, she immediately showed me this great work around she learned from her Minecraft buddies: xattr -d com.apple.quarantine and then she drags the file she wants to blow away the quarantine on to the terminal window…..
How can xattr possibly NOT be under super user restrictions? I mean, if I go into File Info on any file on my system, I have to enter my admin password to make changes to the file access.
It seems to me that not having xattr as a sudo password command, that certainly opens our systems up to hackers. What am I missing here?
Thanks, Dee Dee
|