Re: admin user (and ditto group member) no longer has the corresponding permissions?!
Re: admin user (and ditto group member) no longer has the corresponding permissions?!
- Subject: Re: admin user (and ditto group member) no longer has the corresponding permissions?!
- From: René J.V. Bertin via X11-users <email@hidden>
- Date: Tue, 28 Jul 2020 11:36:20 +0200
On Tuesday July 28 2020 08:18:00 Sankey, David wrote:
>Internally X11 is launched from bash.
>
>You need to add /bin/bash to Full Disk Access in the Privacy tab in the
>Security and Privacy Control Panel.
>
Thanks for the suggestion, but that option didn't yet exist in 10.9 (or it's so
well hidden that I never noticed it)! Besides, if this were the explanation,
then
- any process launched through bash should be affected by the permission
restrictions
- every user (possibly even root) should be afflicted.
Oh, and the bundle exec of MacPort's X11 uses $SHELL to launch the actual X11
server binary. In my case that's tcsh.
I've done some more digging. My X11 terminals (KDE5 konsole running with Qt's
xcb QPA) were being launched through an *old* script of mine that was launched
from .xinitrc using an xterm instead of simply as an executable script. I can't
remember why I ever did that. I modified this aspect, and now my "konsoles"
give me the expected, traditional Unix permissions.
However, if I launch an xterm, or an mrxvt terminal, my permissions are
crippled, no matter how I launch those terminals. It also happens when I ssh in
from a Linux rig and use the remote X11 server. However, when I su to that
other admin user permissions are again as they should be. I haven't yet tried
to ssh from an xterm to my Linux rig and then back to the Mac (my UIDs are
identical).
So, to resume once more:
- this issue is limited to certain applications, or applications that use (or
don't use) certain library/ies (I've identified xterm and mrxvt for now)
- this issue is limited to certain (admin) user accounts
I can't think of any logical explanation for this and-and combination (I could
understand an either-or). It seems more likely that something was changed to
the settings of my account than to other settings. You'd almost think of a
virus, except that the only thing it achieves by limiting admin file access is
annoying me...
FWIW, a while back I had an episode on this same Mac where the invocation of
the libtool script would cause gatekeeper to burn a lot of CPU, slowing down
autoconf-based builds to a crawl. I never understood what happened then and how
it sorted itself, but there were log entries that made it very clear that
gatekeeper was involved. I'm not seeing any of those here.
R.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
X11-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden