Macos – Understanding homebrew ‘no-sudo’ philosophy and questioning FAQ


Having fresh install of OS X, I decided to install python package manager in proper way. So I started googling and found homebrew is the best way.
Now I got two questions:

  • from homebrew FAQ:

Homebrew is designed to work without using sudo.

However the install script asks for password. That's because the actual user is given permission to read,write,execute the usr/local… dirs as being admin's group member. Thus, instead of asking sudo each time, homebrew asks it once.
Nevertheless the rules are broken since you have to use sudo yes or yes.

I was afraid of using sudo with python when installing packages. This is why I decided for homebrew. But isn't it the same actually?

If this is true, I see it unsafe to let homebrewed programs to do what the y want to do since they have root permissions.

  • from homebrew FAQ:

/usr/local/bin is already in your PATH.

Then why I need to

insert the Homebrew directory at the top of your PATH

as it's said in ?

Commands homebrew's install script executed:

/usr/bin/sudo /bin/chmod g+rwx /usr/local/. /usr/local/include /usr/local/lib /usr/local/lib/pkgconfig

/usr/bin/sudo /usr/bin/chgrp admin /usr/local/. /usr/local/include /usr/local/lib /usr/local/lib/pkgconfig

Best Answer

They say to put /usr/local/bin/ at the top of your $PATH so that homebrewed programs are found before system ones. For example, if you use the homebrew version of python, the system one in /usr/bin/python will get called before /usr/local/bin/python unless /usr/local/bin is before /usr/bin in your $PATH, even though /usr/local/bin is already in your $PATH.