CodeTyphon / Lazarus

@npalardy Did you install this? I am concerned about their requirement(?)/instructions to add your user to the sudoers file and enabling the “no password prompt”. I don’t know enough about Mac/Unix security to know how much of a security risk this is. Or maybe instead of blanket access, could it be configured with access to only the CodeTyphon related stuff?

Not a blanket access but it could be exploited for sure. The Control Center downloads, install and uninstall things YOU request in the Control Certer, new compilers, libraries, install dependencies, uninstall, etc and does it using scripts with sudo. If this opens a concern to your development machine, this tool is not for you. But you can create a Linux VM and install it there. You can cross-compile Windows and Linux there. Or use a Linux machine with a MacOS VM…

As you see, it’s open source and you can inspect all the code. They never received a report of some intrusion, malware, or whatever as I am concerned. I know the work of Sternas (the guy from PilotLogic) since 2002, so, I just trust it.

I havent yet
Busy week

Adding to the sudoers is basically “grant this thing root like access” which is kind of … why would it need that ?
Definitely a possible path for an exploit

EDIT : ah I see it grabs and installs things that probably require access to privileged locations
Yeah it might get installed into a VM first for testing

I’m not as concerned about the software. I’m more concerned about how this might allow other processes/malware to do nefarious things.

As far as I can tell, adding “ALL=(ALL) NOPASSWD: ALL” to sudoers for your user account is pretty much blanket access, with no prompt. I’d like to hear if you have a more detailed explanation of what this access means. I already searched the PilotLogic forum but couldn’t find anything about why this is needed and what possible trouble it might cause.

I may try allowing the “blanket” access just for the CodeTyphon folder and see if it will work. That should at least contain any possible exploitation to that folder.

So why can’t it just prompt for access when needed? Is this non-prompted access needed for other reasons, or just for convenience? I may try it first without adding anything to sudoers and see what happens.

What happens is compiling fails and whatever. Use a VM.


Well, I was able to install and setup without adding to sudoers, and it seems to work. I ran a sudo command before starting the install because that usually prevents additional password prompts for a little while.

The IDE runs and I am able to run a simple test app, and build it into a normal Mac app bundle. Haven’t looked at building a Windows version yet.

Are you working on a Mac and building for the Mac ?

Or ?
Cross compiling is of interest obviously

If running the CTC to obtain new crosscompiling options, do it again, sudo. And act fast, before sudo powers vanish and fail.

Play with the install and system in a VM a bit. Most of the problems of the system freezing being interrupted asking password in a shell will be almost the same. Don’t know if Sternas made things more “user space” friendly with the years…

Yes, working in macOS 10.13. Cross compiling was successful after using sudo to run CTC (sudo /Applications/ and installing/building Win64 toolchain. After that, ran Typhon IDE normally and compiled simple project. It created a single exe Windows executable! (no additional libraries or folders). Runs fine on my Windows 10 VM. (used these instructions to setup/build Windows app).

1 Like

As mentioned above, use
sudo /Applications/
whenever you need to update/install components or options. Normal operations within IDE seem to work fine.

Would seem at this point some of this thread should land in its own new thread
Perhaps in General Programming ?

Sure. @Garry, any way to move these CodeTyphon posts to a new thread?

Moved !


Welcome to the world of single exe file again. :smiley:

There ARE pros and cons to this depending on how this handles the Windows C runtimes

Does anyone happen to know if they rely on the Windows redistributable or statically link them ?

This thing can do almost anything.