Apple's recommended way to do what you want is as follows:
- allocate material that requires a privileged operation to a separate executable file (the material that libpcap uses for you).
- when an application needs to run a privileged exe, it creates an authorization link and checks if the user can allow (known as pre-authorization) and passes the external authorization link to the privileged exe.
- At the first start, privileged exe again receives authorization before attempting to make privileged material.
For the above action to work, the privileged exe must be installed as belonging to root with the setuid bit set. You can either do this with the help of the package manufacturer, or create what Apple offers a self-service tool . This is a tool that checks if it works as root, and if it does not call itself through AuthorizationExecuteWithPrivileges to restore the setuid bit and ownership. He then performs authorization for the operation and performs the operation.
If you use a self-learning tool, you can link it to your application and use the drag and drop process.
I highly recommend that you read the entire Authorization Programming Guide . He talks about all these things in more detail and includes sample code.