Firemonkey OS X – Request elevated permissions


I’m developing an OS X Firemonkey application that needs to launch “openvpn”, but OpenVPN needs administrator permissions to create the tunnel interface.

I am trying to convert the first sample from this blog post to Delphi:

Attempting to run this code, sometimes results in the authorisation prompt as expected, but clicking OK completely freezes the debugger and whole system needs to be powered off. It works better running without the debugger, but still sometimes will freeze…
I’ve caught the return code before it crashes a couple of times, and it was errAuthorizationToolExecuteFailure

I’m not very familiar with how OSX does things, is there a better method? Apple doesn’t recommend using AuthorizationExecuteWithPrivileges for this. I don’t know of any other way to run openvpn with the permissions it needs.

Macapi.CoreFoundation, Macapi.Foundation, Macapi.Security;


kAuthorizationEmptyEnvironment = nil;

procedure TForm1.Button1Click(Sender: TObject);
AuthRef: AuthorizationRef;
Status: OSStatus;
Status := AuthorizationCreate(nil,kAuthorizationEmptyEnvironment,kAuthorizationFlagDefaults,@AuthRef);
Status := AuthorizationExecuteWithPrivileges(AuthRef,’/sbin/dmesg’,0,”,nil)

Comments are closed.