I'm developing a macOS desktop application that interfaces with Homebrew. It does this by calling actual shell commands. Sometimes brew needs the user's password to complete some tasks and I want to provide a graphical way for the user to enter the password, which can be done with the SUDO_ASKPASS environment variable. I am looking for the most secure way to implement a GUI sudo dialog. Here are the options I have considered so far:
1. AppleScript "do shell script with administrator privileges"
osascript -e 'do shell script "{script_here}" with administrator privileges'
This method invokes the system prompt and runs the script with admin privileges, which is good, but unfortunately, brew doesn't allow you to run it directly with sudo. So this is not an option.
2. Simple AppleScript
osascript -e 'text returned of (display dialog "Enter password:" default answer "" with hidden answer)' 2> /dev/null
This method uses some simple AppleScript to ask for the password and echoes it out. I don't think this option would be secure at all.
3. Simple SwiftUI app
I was thinking of making a simple SwiftUI app, this does essentially the same as the 2nd option, but I'm not sure if it's more secure. Some sample code:
struct ContentView: View {
@State private var password = ""
var body: some View {
VStack {
Text("Enter your password:")
SecureField("Password", text: $password)
Button("OK") {
print(password)
exit(0)
}
}
.padding()
}
}
4. Pinentry (GPG Tools)
My application currently uses this option, but it's a bit convoluted. PINEntry is a passphrase entry dialog from GPG Tools, which should be theoretically secure as far as I understand. This seems to be the best option at the moment, but I would be happy if someone could suggest something better.