MacUpdate
Join MacUpdate
New Member

New Developer
Explore
MacUpdate Desktop
Hot Apps

Business
Dashboard
Development
Drivers
Education
MacUpdate Promo
Popular Apps

Games
Home & Personal
Internet
Multimedia & Design
Utilities
iPhone
Apps
Login
Member Login

Developer Login
About
Search Mac Apps

Search iPhone Apps

Advanced Search
LaunchAsRoot
LaunchAsRoot 1.0
Your rating: Now say why...

(4) 3.375

Run applications with root privileges.   Free
Add to my Watch List
Email me when discounted
  • Download Now
    356 KB
  • Visit Developer's Site
    Limit Point Software
LaunchAsRoot is an app's passport to running as superuser, i.e. with root privileges. It runs as an application and service for launching applications as root user.

How to use : Drag the application (or a document) you wish to launch as root on top of the LaunchAsRoot application icon in the Finder. You will presented with an authentication dialog. Enter the name and password of an administrator to allow the application to be launched by LaunchAsRoot. LaunchAsRoot quits after launching the application.

How to use Service: Control-click on the application (or a document)
Requirements
Intel, Mac OS X 10.6.6 or later



MacUpdate - LaunchAsRoot




  • Chalaut
    +1
    Shareware
    Drag & drop app for launching ...
LaunchAsRoot User Discussion (Write a Review)
ver. 1.x:
(4)
Your rating: Now say why...
Overall:
(4)

sort: smiles | time
burypromote

+9

Bluepolo reviewed on 01 Nov 2011
This is a useful little application. I don't run as an Admin, so when I need to run an App as root eg TrueCrypt, I could run the command line

open -a LaunchAsRoot /Applications/TrueCrypt.app/Contents/MacOS/TrueCrypt

which replaces

su root_account -c "/Applications/TrueCrypt.app/Contents/MacOS/TrueCrypt &"

or if you can find Pseudo you can build an AppleScript to create an App that you can run. Pseudo is PPC code so you need Rosetta, which means no can do with Lion.

This page handily gives some options

http://www.hutsby.net/2011/10/using-truecrypt-on-osx-as-non.html
[Version 1.0]


burypromote
-7

-20

Oldr4ver reviewed on 19 May 2011
This looks to be the perfect application black hat's would search for to help install their malware without prompting a user for credentials.

FAIL for SECURITY
[Version 1.0]

6 Replies

burypromote
+1

+127
Borlox replied on 19 May 2011
It does prompt for credentials.
burypromote
+1

+18
Scottyo replied on 19 May 2011
Sounds like it basically implements

sudo open -a appname

which is already easily done no matter the color of your hat, and wouldn't appear to add any vulnerabilities, since the secret sauce is still your admin credentials.

I think 1 star is a rather harsh rating. I haven't had occasion to use it it, so can't rate it yet myself.
burypromote

+449
sjk replied on 21 May 2011
Run "sudo open -a TextEdit" and the saved file will be owned by the current user. Open TextEdit with LaunchAsRoot and the saved file will be owned by root.
burypromote

+18
Scottyo replied on 21 May 2011
< >

Yes, but you can chown to any account anyway once you own the file, so it still doesn't basically increase the risk level, though inadvertent chowning to root could *possibly* open a hole if other permissions are bad, but I don't see an exploit.
burypromote

+449
sjk replied on 22 May 2011
.
> "… you can chown to any account anyway once you own the file …"

Huh?

> so it still doesn't basically increase the risk level, though inadvertent chowning to root could *possibly* open a hole if other permissions are bad, but I don't see an exploit.

I don't understand your reasoning, though maybe we agree that LaunchAsRoot isn't opening exploits to anything that's not already possible in other ways?

If anything, Oldr4ver might want to validate his claim that LaunchAsRoot doesn't prompt for credentials. It did for at least Borlox, and me.
burypromote

+18
Scottyo replied on 22 May 2011
>> "… you can chown to any account anyway once you own the file …"

>Huh?

Sorry, using chown, you can assign ownership of any file you own to anyone else in the system (but I either have a mis-memory or something has changed. Back in the 80s, on HP-UX at least, chown could be executed by anyone but only worked on files you owned, whereas now it's only available to root [and via sudo of course]). I was addressing the following:

>Run "sudo open -a TextEdit" and the saved file will be owned by the current user. Open TextEdit with LaunchAsRoot and the saved file will be owned by root.

So after running the sudo command above you could
sudo chown root theFile
thereby achieving the same end as the LaunchAsRoot version. So LaunchAsRoot has only made it convenient, but hasn't added to the cracker's arsenal.

Of course, if you can sudo, you're already in like Flynn anyway. And if you don't know the ownership difference between the two invocations when saving a file, you could be surprised (unpleasantly if execute is set) by root owning it in the LaunchAsRoot case. BTW I haven't verified that difference.

>I don't understand your reasoning, though maybe we agree that LaunchAsRoot isn't opening exploits to anything that's not already possible in other ways?

>If anything, Oldr4ver might want to validate his claim that LaunchAsRoot doesn't prompt for credentials. It did for at least Borlox, and me.

If it indeed always prompts foe sudoer credentials (not sure how it could work otherwise), then we're agreed: LaunchAsRoot is not adding capabilities/exploits, just making it more convenient to do something that was already doable.

Sorry, much of the confusion was probably caused by my mistaken assumption that chown could (still) be used by any user rather than just by root and sudoers.
There are currently no troubleshooting comments. If you are experiencing a problem with this app, please post a comment.



Hidetani rated on 19 May 2011

[Version 1.0]



+38

Loukash rated on 19 May 2011

[Version 1.0]


Downloads:1,530
Version Downloads:1,530
Type:Utilities : Desktop
License:Free
Date:19 May 2011
Platform:Intel
Price:Free0.00
Overall (Version 1.x):
Features:
Ease of Use:
Value:
Stability:
Displaying 1-2 of 2
Displaying 1-2 of 2
-
-
-
Please login or create a new
MacUpdate Member account
to use this feature
Watch Lists are available to
MacUpdate Desktop Members
Upgrade Now
Download and auto-install
using MacUpdate Desktop. Save
time moving folders and cleaning-up.
LaunchAsRoot is an app's passport to running as superuser, i.e. with root privileges. It runs as an application and service for launching applications as root user.

How to use : Drag the application (or a document) you wish to launch as root on top of the LaunchAsRoot application icon in the Finder. You will presented with an authentication dialog. Enter the name and password of an administrator to allow the application to be launched by LaunchAsRoot. LaunchAsRoot quits after launching the application.

How to use Service: Control-click on the application (or a document) in the Finder and select "Launch As Root" from the Services contextual submenu. You will presented with an authentication dialog. Enter the name and password of an administrator to allow the application to be launched by LaunchAsRoot. LaunchAsRoot quits after launching the application.

LaunchAsRoot is a part of the Limit Point Software Utilities Bundle : http://www.limit-point.com/Utilities.html. Purchase a Utilities password to activate all the utilities. Updates are free, new products included.
Add/Update Listing About MacUpdate Desktop Career Opportunities RSS Twitter Facebook Advertise Sitemap
Copyright © 2012 MacUpdate LLC


- -