Secure install mode

[kaznovac]

Verification

• This issue's title and/or description do not reference a single formula e.g. brew install wget. If they do, open an issue at https://github.com/Homebrew/homebrew-core/issues/new/choose instead.

Provide a detailed description of the proposed feature

As a system administrator I'd like to have an option in brew so that install an update actions would require elevated privileges (sudo) and that installed software file owners and access permissions stay as hardened as possible.

Thanks for consideration <3

What is the motivation for the feature?

Security

How will the feature be relevant to at least 90% of Homebrew users?

Security

What alternatives to the feature have been considered?

• AppStore (Apple does this best)
• pkgsrc from Joynent (quite good, but slow to get the new software)
• Nix (steep learning curve and complicated software management - but offers unique 'reproducible software' guarantees)
• MacPorts
• Hardening some of the permissions by hand

[Bo98]

Installing Homebrew as another user sounds roughly what you want? Other than that, multiple user accounts is not something we officially support at the moment, but it may work good enough for you already.

[MikeMcQuaid]

Passing on this, sorry.

[kaznovac]

@Bo98 That's near good enough idea (forces you to sudo to that brew account), a bit more secure but leaves installed apps vulnerable to all of that user processes.

Thanks