I'd like to elevate the privilege of a program temporarily so that I can write to a device file (usually an SDCard like on /dev/sdc, etc.). On OSX, I can run authopen to ask the user for permission (if necessary) and get back an open filehandle. Currently, the program is invoked via sudo on Linux, but I've been asked if it is possible to remove the need for sudo or at least reduce the number of permissions that are granted. Is this possible? For example, is there an equivalent to authopen on Linux or is there a different strategy that programs use?
Asked
Active
Viewed 98 times
0
Frank Hunleth
- 720
- 4
- 13
-
The Closest possible equivalent would be [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) or possibly [AppArmor](https://en.wikipedia.org/wiki/AppArmor). However, I think in this case either would be an overkill. Unless, of course, you have one or the other running already for some other purposes. – Mar 06 '16 at 06:20
-
I was hoping to avoid SELinux or AppArmor, since others are installing the program and keeping things simple for them would be helpful. Being very tight on permissions is less important than only requesting it if needed. – Frank Hunleth Mar 06 '16 at 15:05