Hi, On Mon, Jul 27, 2020 at 09:10:40PM +0200, René J.V. Bertin wrote: > To streamline things as a port dev/maintainer I've set `macportsuser` > to myself, which means that as a member of the admin group I get to do > a lot of things without needing to sudo all the time. I know the > risks, and always managed to avoid them.
Don't do that, that completely breaks the privilege separation. You might as well use a non-root install then. This configuration is also unsupported. This means that you should not expect support on this mailing list for such a configuration. > Now, to make this more interesting: the above applies to a shell > running in a terminal emulator that gets started when I launch my X11 > environment (from the X11 icon in the Dock). Shells running in > Terminal.app (also launched from the Dock) give me all the permissions > I expect, and if I start my X terminal emulator from such a shell it > inherits those permissions. Launching X11 from a shell in Terminal.app > doesn't help. macOS has been doing capability management on top of traditional unix permissions for a while now, for example associated to your aqua login session. This list isn't the place to ask about those details, Apple documentation, and Apple forums are. -- Clemens
