[chuck-users] Question re: installing ChucK on Mac
haberg-1 at telia.com
Sat Aug 7 09:52:41 EDT 2010
On 7 Aug 2010, at 14:27, Kassen wrote:
>>> However, sudo is a tool to protect the installation against
>>> unauthorised modifications.
>> Actually, not: it is just a shortcut to become root; try 'sudo -s'.
> Quite so, and I believe that unlike with becoming root outright the
> commands given with sudo are logged, which can be helpful to trace
> what went wrong, if something does.
There is a file /private/etc/sudoers which can be edited with 'visudo'
to put restrictions. But the user does become root. I think all stuff
is logged - there is a Console showing it, if you so like.
>> Though restrictions can be implemented, that is not so in Mac OS X.
>> In addition, when one does a 'sudo', it is valid for a few minutes,
>> which can be exploited by malware, by trying every minute if the
>> user has enabled root permissions.
> It might be preferable to restrict root access to a single bash
> session, or perhaps to require it for every command. System-wide
> root access sounds a bit excessive to me, but I don't know what
> considerations went into that choice.
Yes, one can turn the timing off, and some do. Otherwise, giving
access in just the place where one wrote it might have been wise, but
one can do it in one window, and then do it in another without
>> On the other hand, whenever you install something on Mac OS X, and
>> is asked for the password, one is in effect doing the same thing as
>> a 'sudo', becoming root. So one should never do that unless one
>> trust the software.
> Good advice. I do trust our devs, even though they can be a bit
> chaotic at times ;-)
It is mostly important when you visit porn sites - don't give your
password away there! Strange that one would have to give such
>> FYI: Though it derives from FreeBSD, it is now certified UNIX
>> (Intel 1.5 and later).
> It is. Of course the main thing that this indicates is that Apple
> (unlike some other *nixes) has a budget for certification.
Yes, but I saw that there are efforts to close in on the free
>> I suspect he has absolutely no knowledge about the console
>> (Terminal). Therefore, to start with it, it might be safest to put
>> it into ~/bin/.
>> It is good with this discussion - ChucK with strange downloading
>> comments, is directed to the console-savvy user, in effect shutting
>> others out.
> Yes. There have been a lot of questions about this. Commandline
> interfaces do look alien and a bit scary to many. Perhaps we should
> spend some time on this in a FAQ, for example with a link to a good
> online tutorial. We may also need to update the docs on the mini
> since the mini really isn't all that experimental and dangerous any
An installer might put the stuff into /usr/local/bin where it should be.
More information about the chuck-users