On Nov 1, 2007, at 3:11 PM, Roland Dobbins wrote:

> This brings up an interesting point - how many Mac users go to the
> trouble of setting up a nonprivileged account and then do their
> normal work under that?

I do, and I encourage my clients to as well. However, I think your
assessment is right: very few do.

> I don't know, but my guess is that it's a pretty low percentage,
> especially as, at least with Tiger, one runs into some issues such
> as borked /Applications perms/ownership which require a *NIX
> background to even understand, much less remedy.

This is something I can't corroborate: I've almost never had issues
running as non-admin. I can recall some early apps that didn't run
under non-admin accounts, such as FinalCut Pro v1 and v2, but those
were really the exception.

> How many Mac users have been faced with a seemingly-random request
> to grant a non-obvious background app/utility Keychain access, not
> to mention commonly-used apps asking for it without an easily-
> discerned reason? And in such situation, what do they typically
> tend to do (I've my own opinion about this, but clue welcomed).

Here's the trick to all of this, and it's one thing that makes the Mac
so much less vulnerable than Windows: even admin level accounts get
prompted for authentication. Even if you're running as admin, nothing
silently slips by you from an installer.

Again, though, I'll agree with your assessment: most people see the
dialog and click on the affirmative action.
--
Edward R. Marczak
e: marczak (at) radiotope (dot) com [email concealed]
w: http://www.radiotope.com
b: http://www.radiotope.com/writing

0? *?H?÷

 ?0?

10 +0? *?H?÷


 ?+0?ä0?M 
²¶=Ü-Ã.ó?Íq²0
 *?H?÷


0b10 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA0
070620144549Z
080619144549Z0G10UThawte Freemail Member1$0" *?H?÷


marczak (at) radiotope (dot) com0 [email concealed]?
"0
 *?H?÷



?
0?

?

ÒíÊ0 x[¼{^Éý3NBäë¦x}Å÷6wüá!iÓaô& ¤áÒZM\îy2`®?^ÑSXjXY?«&ª¤KÄØHÄK7¢½Å8=Ôr¾fïæ|ýû| )?xw?Ä8u]*?òß$N?`³G?ë
¿º?®µ???!?;êAßYÓü¸Ë +òY5Ý/~Â?½cú!bT¬R?N&lïFWm8ÔjÐ?Âqò)Quuý???Ê?ð
Y(??͏_V8mÊ¿x4¸ý?
0 b?Ë<c£k??üGAÇ?©d?[A@¥? wF?c??¢z\¶?YäÝÎ{PO¸ÓOÊÝù·

£2000 U0marczak (at) radiotope (dot) com0 [email concealed]U

ÿ00
 *?H?÷


¡_EôÇsÙ\?ç®Y p?L?F½4·?XHÕz)?? ??p²¨?
DÈ+Ùų?å?ÖÅld¬ÓÐKðL?m\û?¿©[Vx |é:Ùr<??9?üP³Ê??0ïË.ô¨ôþ?tL,JÕ}É8:nw¢¯bA0??0?¨ 


0
 *?H?÷


0Ñ10 UZA10UWestern Cape10U Cape Town10U
Thawte Consulting1(0&UCertification Services Division1$0"UThawte Personal Freemail CA1+0) *?H?÷


personal-freemail (at) thawte (dot) com0 [email concealed]
030717000000Z
130716235959Z0b10 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA0?0
 *?H?÷



0?Ä¦<UsUûN¹Ê?ZhÀupßéÿ£ì½Íõ[òv½:aò¿QÎ
ÔåP
0×cZ,?p?ÝÉð+?Zª?qV˯<çñ?6$*Ï+Õó?w=¾+þ»>¿@?dק¦»?eÑÅ*T?H§¶Ñ<
a@dr`·û

£?0?0U

ÿ0

ÿ
0CU<0:08 6 4?2http://crl.tha
wte.com/ThawtePersonalFreemailCA.crl0U
0)U"0 ¤010UPrivateLabel2-1380
 *?H?÷


H?ÑP?ê.Ì
£f¬g¯¬¾Â¡C??L!¸ø6ª-?6/ÀôP ?p<ý­áabÃÙ:~?±?Å?t?%P?bÇÛ'qW%Ý©?9?? Oe_?Ú÷÷?ÖÆN®öê4å[5MwãV!x?Ü!5Þ$±ÓFÿ]_eO1?0?

0v0b10 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA²¶=Ü-Ã.ó?Íq²0 + ?
o0 *?H?÷

1 *?H?÷


0 *?H?÷

1
071101193138Z0# *?H?÷

1lgÝLlÝ]|Ã*t?ÂXi?¶m0? +

?71x0v0b10 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA²¶=Ü-Ã.ó?Íq²0?*?H?÷

1x v0b10 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA²¶=Ü-Ã.ó?Íq²0
 *?H?÷



?
J=?lcd¼é?æ·üßû?é@?GÅjyt?TÁ¥Ê½?ÅQ£ÇçUö% 6k\í¹­?¢»T¹kfÛ
wúóY~ÑYK,SÍèTÆ«ª5{°£A¶:ò@`½#"°ë¶ A¸®4ßsÿ?s¼?>^8;isÑà¸ÿS3Æø³?Sâ;â??Ò²¢z;l̳EZ6{q$8 ñ?:Â?e
°?%¶²mÈ0!êµÊ?»E(
zsÕË"ûÐ=I?¦µ
o"lÂõê-ÄÖ¿?¶?ï º9-vî¤òlN?ã?e¶5Èåø»)¢Ô{i??Nr50>pf}

[ reply ]