LaunchAsRoot
Your rating: Now say why...

(5) 3.7

Run applications with root privileges.   Free
Add to my Watch List
Email me when discounted
LaunchAsRoot is an app's passport to running as superuser, i.e. with root privileges. It runs as an application and service for launching applications as root user.

How to use : Drag the application (or a document) you wish to launch as root on top of the LaunchAsRoot application icon in the Finder. You will presented with an authentication dialog. Enter the name and password of an administrator to allow the application to be launched by LaunchAsRoot. LaunchAsRoot quits after launching the application.

How to use Service: Control-click on the application (or a document)
Requirements
Intel, Mac OS X 10.6.6 or later



MacUpdate - LaunchAsRoot




  • Pseudo
    +1

  • Chalaut
    +1
LaunchAsRoot User Discussion (Write a Review)
ver. 1.x:
(5)
Your rating: Now say why...
Overall:
(5)

sort: smiles | time
burypromote
+1

+1

luvis reviewed on 17 Jan 2013
It does what it says it does. Nothing more, nothing less. And it's free. I see no idea why I would rate it less than 5
Thanks developer!
[Version 1.0]


burypromote

+18

Bluepolo reviewed on 01 Nov 2011
This is a useful little application. I don't run as an Admin, so when I need to run an App as root eg TrueCrypt, I could run the command line

open -a LaunchAsRoot /Applications/TrueCrypt.app/Contents/MacOS/TrueCrypt

which replaces

su root_account -c "/Applications/TrueCrypt.app/Contents/MacOS/TrueCrypt &"

or if you can find Pseudo you can build an AppleScript to create an App that you can run. Pseudo is PPC code so you need Rosetta, which means no can do with Lion.

This page handily gives some options

http://www.hutsby.net/2011/10/using-truecrypt-on-osx-as-non.html
[Version 1.0]


burypromote
-9

-48

HackDefendr reviewed on 19 May 2011
This looks to be the perfect application black hat's would search for to help install their malware without prompting a user for credentials.

FAIL for SECURITY
[Version 1.0]

6 Replies

burypromote
+2

+143
Borlox replied on 19 May 2011
It does prompt for credentials.
burypromote
+2

+17
Scottyo replied on 19 May 2011
Sounds like it basically implements

sudo open -a appname

which is already easily done no matter the color of your hat, and wouldn't appear to add any vulnerabilities, since the secret sauce is still your admin credentials.

I think 1 star is a rather harsh rating. I haven't had occasion to use it it, so can't rate it yet myself.
burypromote

+680
sjk replied on 21 May 2011
Run "sudo open -a TextEdit" and the saved file will be owned by the current user. Open TextEdit with LaunchAsRoot and the saved file will be owned by root.
burypromote

+17
Scottyo replied on 21 May 2011
< >

Yes, but you can chown to any account anyway once you own the file, so it still doesn't basically increase the risk level, though inadvertent chowning to root could *possibly* open a hole if other permissions are bad, but I don't see an exploit.
burypromote

+680
sjk replied on 22 May 2011
.
> "… you can chown to any account anyway once you own the file …"

Huh?

> so it still doesn't basically increase the risk level, though inadvertent chowning to root could *possibly* open a hole if other permissions are bad, but I don't see an exploit.

I don't understand your reasoning, though maybe we agree that LaunchAsRoot isn't opening exploits to anything that's not already possible in other ways?

If anything, Oldr4ver might want to validate his claim that LaunchAsRoot doesn't prompt for credentials. It did for at least Borlox, and me.
burypromote

+17
Scottyo replied on 22 May 2011
>> "… you can chown to any account anyway once you own the file …"

>Huh?

Sorry, using chown, you can assign ownership of any file you own to anyone else in the system (but I either have a mis-memory or something has changed. Back in the 80s, on HP-UX at least, chown could be executed by anyone but only worked on files you owned, whereas now it's only available to root [and via sudo of course]). I was addressing the following:

>Run "sudo open -a TextEdit" and the saved file will be owned by the current user. Open TextEdit with LaunchAsRoot and the saved file will be owned by root.

So after running the sudo command above you could
sudo chown root theFile
thereby achieving the same end as the LaunchAsRoot version. So LaunchAsRoot has only made it convenient, but hasn't added to the cracker's arsenal.

Of course, if you can sudo, you're already in like Flynn anyway. And if you don't know the ownership difference between the two invocations when saving a file, you could be surprised (unpleasantly if execute is set) by root owning it in the LaunchAsRoot case. BTW I haven't verified that difference.

>I don't understand your reasoning, though maybe we agree that LaunchAsRoot isn't opening exploits to anything that's not already possible in other ways?

>If anything, Oldr4ver might want to validate his claim that LaunchAsRoot doesn't prompt for credentials. It did for at least Borlox, and me.

If it indeed always prompts foe sudoer credentials (not sure how it could work otherwise), then we're agreed: LaunchAsRoot is not adding capabilities/exploits, just making it more convenient to do something that was already doable.

Sorry, much of the confusion was probably caused by my mistaken assumption that chown could (still) be used by any user rather than just by root and sudoers.
There are currently no troubleshooting comments. If you are experiencing a problem with this app, please post a comment.


Hidetani rated on 19 May 2011

[Version 1.0]



+39

Loukash rated on 19 May 2011

[Version 1.0]


Downloads:7,881
Version Downloads:7,881
Type:Utilities : Desktop
License:Free
Date:19 May 2011
Platform:Intel 32 / OS X
Price:Free0.00
Overall (Version 1.x):
Features:
Ease of Use:
Value:
Stability:
Displaying 1-3 of 3
Displaying 1-2 of 2
-
-
-
Please login or create a new
MacUpdate Member account
to use this feature
Watch Lists are available to
MacUpdate Desktop Members
Upgrade Now
Install with MacUpdate Desktop.
Save time moving files & cleaning
up space wasting archives.
LaunchAsRoot is an app's passport to running as superuser, i.e. with root privileges. It runs as an application and service for launching applications as root user.

How to use : Drag the application (or a document) you wish to launch as root on top of the LaunchAsRoot application icon in the Finder. You will presented with an authentication dialog. Enter the name and password of an administrator to allow the application to be launched by LaunchAsRoot. LaunchAsRoot quits after launching the application.

How to use Service: Control-click on the application (or a document) in the Finder and select "Launch As Root" from the Services contextual submenu. You will presented with an authentication dialog. Enter the name and password of an administrator to allow the application to be launched by LaunchAsRoot. LaunchAsRoot quits after launching the application.

LaunchAsRoot is a part of the Limit Point Software Utilities Bundle : http://www.limit-point.com/Utilities.html. Purchase a Utilities password to activate all the utilities. Updates are free, new products included.


- -