I know that when I use "sudo" an application can run under root, or if a window appears saying "Application wants to make changes to the system, enter your password for this", they will also run under root.
Processes cannot always run under root, which is why there are, for example, LaunchDaemons and LaunchAgents, which run the processes under root after the system is started.
Are there other ways that processes always run root
(after approval via sudo or with the Make Change window), for example if they are started manually?
Or better: Does it say somewhere that you have permission for root so that you always start as root?
Please correct me if I said anything wrong.
Best Answer
The setuid bit could be set on an executable.
https://en.wikipedia.org/wiki/Setuid
If setuid is applied and the binary is owned by root (and on macOS the entire directory hierarchy to that file is also owned by root), then the binary executes as root regardless of the current user.
You can find all setuid & root binaries using