Posted by: @johngaver
You can build an "always elevate" package with it for macOS
If I recall correctly, there is this one "officially supported" exception (an installer) where elevated privileges can be used. Well, up to a point anyway.
I found this to be a mixed bag as well.
Posted by: @johngaver
no more attachments are allowed today
Yeah, the forum has been setup that I need to approve 5 of your posts before you can add attachments. Sorry about the inconvenience - too many annoying people out there spamming 😞
Posted by: @johngaver
AuthorizationExecuteWithPrivileges
I do not have an example for AuthorizationExecuteWithPrivileges and I doubt it will work. It's been deprecated quite a while now and for security reasons I'm sure Apple removed it.
Sounds like you're running in circles now as well - I know the feeling, done that, been there and to be honest I'm not thrilled with what Apple has done there.
If I understand this right, you're trying to write in "/Library/Application Support/" which should be accessible, even with SIP enabled.
However, just like you, I ran into the "Access Denied" issue. I even tried signing and notarizing the test app - no luck.
So it looks like you will have to consider using a Helper tool (I really don't like that).
Now having said that and not being 100% sure why you want the info to be shared, but I have the impression that Apple wants us to use this path for sharing configs:
/Users/Shared/Library/Application Support/
I did a test and I do have full access there. For example (Pascal):
MkDir('/Users/Shared/Library/Application Support/TestDir');
I usually use this function to determine preferences path and such, but it doesn't cover the "/Users/Shared/Library" I just mentioned.
Which is odd, since it is using the proper API calls to get the paths ...
// add to uses: MacOSAll
function GetPreferencesFolder(AllUsers:boolean; ApplicationSupport:boolean; CreateDir:boolean): String;
var
theError : OSErr;
theRef : FSRef;
myFolderType : UInt32;
pathBuffer : PChar;
const
kMaxPath = 1024;
begin
Result := '';
try
pathBuffer := Allocmem(kMaxPath);
try
Fillchar(pathBuffer^, kMaxPath, #0);
Fillchar(theRef, Sizeof(theRef), #0);
if ApplicationSupport then
myFolderType:=kApplicationSupportFolderType
else
myFolderType:=kPreferencesFolderType;
if AllUsers then
theError := FSFindFolder(kLocalDomain, myFolderType, kDontCreateFolder, theRef)
else
theError := FSFindFolder(kUserDomain , myFolderType, kDontCreateFolder, theRef);
if (pathBuffer <> nil) and (theError = noErr) then
begin
theError := FSRefMakePath(theRef, pathBuffer, kMaxPath);
if theError = noErr then
Result := UTF8ToAnsi(StrPas(pathBuffer)) + DirectorySeparator + Application.Title + DirectorySeparator;
end;
Freemem(pathBuffer);
except
Result := '';
end;
except
Result := '';
end;
if Result='' then
// Sloppy method in case the official method fails
Result:= BoolToStr(AllUsers,'/Library/',ExpandFileName('~/Library/'))+
BoolToStr(ApplicationSupport,'Application Support/','Preferences/')+
Application.Title + DirectorySeparator;
if CreateDir and not(DirectoryExists(Result)) then
mkDir(Result);
end;
Maybe this helps 😊