Advertisement
xosski

MacOS security two

Oct 29th, 2024 (edited)
19
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.83 KB | None | 0 0
  1. #!/bin/bash
  2.  
  3. # Function to update a specific authorization right
  4. update_authorization_right() {
  5. local right=$1
  6. local plist_file="/tmp/${right}.plist"
  7.  
  8. # Read the current configuration
  9. sudo security authorizationdb read "$right" > "$plist_file"
  10.  
  11. # Create the new plist content
  12. cat <<EOF > "$plist_file"
  13. <?xml version="1.0" encoding="UTF-8"?>
  14. <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  15. <plist version="1.0">
  16. <dict>
  17. <key>allow-root</key>
  18. <true/>
  19. <key>authenticate-user</key>
  20. <true/>
  21. <key>class</key>
  22. <string>user</string>
  23. <key>comment</key>
  24. <string>Checked by the Admin framework when making changes to the Security preference pane.</string>
  25. <key>created</key>
  26. <real>$(date +%s)</real>
  27. <key>group</key>
  28. <array>
  29. <string>admin</string>
  30. <string>staff</string>
  31. </array>
  32. <key>modified</key>
  33. <real>$(date +%s)</real>
  34. <key>session-owner</key>
  35. <false/>
  36. <key>shared</key>
  37. <false/>
  38. <key>timeout</key>
  39. <integer>2147483647</integer>
  40. <key>tries</key>
  41. <integer>10000</integer>
  42. <key>version</key>
  43. <integer>0</integer>
  44. </dict>
  45. </plist>
  46. EOF
  47.  
  48. # Write the modified configuration back to the authorization database
  49. sudo security authorizationdb write "$right" < "$plist_file"
  50.  
  51. # Clean up
  52. rm "$plist_file"
  53.  
  54. echo "Updated authorization right: $right"
  55. }
  56.  
  57. # List of rights to update
  58. rights=(
  59. "system.preferences.security"
  60. "system.preferences.accessibility"
  61. "system.preferences.full-disk-access"
  62. )
  63.  
  64. # Update each right
  65. for right in "${rights[@]}"; do
  66. update_authorization_right "$right"
  67. done
  68.  
  69. echo "All specified authorization rights have been updated to include both admin and staff groups."
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement