Focus on Apple
Mac Trojan Nov 01 2007 12:26PM
David Harley (david a harley gmail com) (1 replies)
Re: Mac Trojan Nov 01 2007 06:45PM
Dave Schroeder (das doit wisc edu) (2 replies)
Re: Mac Trojan Nov 01 2007 08:34PM
David Fedoruk (david fedoruk gmail com) (1 replies)
RE: Mac Trojan Nov 06 2007 06:41PM
Todd Woodward (todd_woodward symantec com) (1 replies)
RE: Mac Trojan Nov 06 2007 08:07PM
Paul Schmehl (pauls utdallas edu) (1 replies)
Re: Mac Trojan Nov 06 2007 09:10PM
Philippe Devallois (phdevallois intego com) (3 replies)
Mac OS X Security and Common Sense Nov 07 2007 07:03PM
Todd Woodward (todd_woodward symantec com) (2 replies)
RE: Mac OS X Security and Common Sense Nov 07 2007 07:57PM
David Harley (david a harley gmail com) (1 replies)
Re: Mac OS X Security and Common Sense Nov 07 2007 08:28PM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr) (1 replies)
RE: Mac OS X Security and Common Sense Nov 11 2007 04:09PM
David Harley (david a harley gmail com) (1 replies)
Re: Mac OS X Security and Common Sense Nov 11 2007 05:32PM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr) (2 replies)
Re: Mac OS X Security and Common Sense Nov 12 2007 04:52PM
Paul Schmehl (pauls utdallas edu) (1 replies)
RE: Mac OS X Security and Common Sense Nov 13 2007 04:12PM
Thor \(Hammer of God\) (thor hammerofgod com)
RE: Mac OS X Security and Common Sense Nov 11 2007 07:33PM
David Harley (david a harley gmail com) (1 replies)
Re: Mac OS X Security and Common Sense Nov 11 2007 09:01PM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr) (1 replies)
RE: Mac OS X Security and Common Sense Nov 12 2007 09:43AM
David Harley (david a harley gmail com)
Re: Mac OS X Security and Common Sense Nov 07 2007 07:30PM
Paul Schmehl (pauls utdallas edu)
Re: Mac Trojan Nov 07 2007 04:33PM
Kevin Long (kevin long verizonbusiness com) (3 replies)
Re: Mac Trojan Nov 14 2007 01:32PM
Dave Piscitello (dave corecom com) (1 replies)
Re: Mac Trojan and Last Security Update Nov 15 2007 03:03PM
Philippe Devallois (phdevallois intego com) (1 replies)
RE: Mac Trojan and Last Security Update Nov 15 2007 08:01PM
David Harley (david a harley gmail com)
Re: Mac Trojan Nov 07 2007 05:35PM
Paul Schmehl (pauls utdallas edu)
Re: Mac Trojan Nov 07 2007 05:31PM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr)
RE: Mac Trojan [and a proposed book] Nov 07 2007 11:59AM
David Harley (david a harley gmail com)
Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 01 2007 07:11PM
Roland Dobbins (rdobbins cisco com) (6 replies)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 01 2007 10:33PM
Thor \(Hammer of God\) (thor hammerofgod com) (1 replies)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 01 2007 09:08PM
John Ladwig (John Ladwig csu mnscu edu)
Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 01 2007 08:13PM
John Ladwig (John Ladwig csu mnscu edu)
Re: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 01 2007 07:31PM
Edward R. Marczak (marczak radiotope com) (1 replies)

On Nov 1, 2007, at 3:11 PM, Roland Dobbins wrote:

> This brings up an interesting point - how many Mac users go to the
> trouble of setting up a nonprivileged account and then do their
> normal work under that?

I do, and I encourage my clients to as well. However, I think your
assessment is right: very few do.

> I don't know, but my guess is that it's a pretty low percentage,
> especially as, at least with Tiger, one runs into some issues such
> as borked /Applications perms/ownership which require a *NIX
> background to even understand, much less remedy.

This is something I can't corroborate: I've almost never had issues
running as non-admin. I can recall some early apps that didn't run
under non-admin accounts, such as FinalCut Pro v1 and v2, but those
were really the exception.

> How many Mac users have been faced with a seemingly-random request
> to grant a non-obvious background app/utility Keychain access, not
> to mention commonly-used apps asking for it without an easily-
> discerned reason? And in such situation, what do they typically
> tend to do (I've my own opinion about this, but clue welcomed).

Here's the trick to all of this, and it's one thing that makes the Mac
so much less vulnerable than Windows: even admin level accounts get
prompted for authentication. Even if you're running as admin, nothing
silently slips by you from an installer.

Again, though, I'll agree with your assessment: most people see the
dialog and click on the affirmative action.
--
Edward R. Marczak
e: marczak (at) radiotope (dot) com [email concealed]
w: http://www.radiotope.com
b: http://www.radiotope.com/writing

0? *?H?÷
 ?0?1 0 +0? *?H?÷
 ?+0?ä0?M ²¶=Ü-Ã.ó?Íq²0
 *?H?÷
0b1 0 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA0
070620144549Z
080619144549Z0G10UThawte Freemail Member1$0" *?H?÷
 marczak (at) radiotope (dot) com0 [email concealed]?"0
 *?H?÷
?0?
?ÒíÊ0 x[¼{^Éý3NBäë¦x}Å÷6wüá!iÓaô& ¤áÒZM\îy2`®?^ÑSXjXY?«&ª¤KÄØHÄK7¢½Å8=Ôr¾fïæ|ýû| )?xw?Ä8u]*?òß$N?`³G?ë
¿º?®µ???!?;êAßYÓü¸Ë +òY5Ý/~Â?½cú!bT¬R?N&lïFWm 8ÔjÐ?Âqò)Quuý???Ê?ð
Y(??͏_V8mÊ¿x4¸ý?0 b?Ë<c£k??üGAÇ?©d?[A@¥? wF?c??¢z\¶?YäÝÎ{PO¸ÓOÊÝù·£2000 U0marczak (at) radiotope (dot) com0 [email concealed] Uÿ00
 *?H?÷
¡_EôÇsÙ\?ç®Y p?L? F½4·?XHÕz)?? ??p²¨?
DÈ+Ùų?å?ÖÅld¬ÓÐKðL?m\û?¿©[Vx |é:Ùr<?? 9?üP³Ê??0ïË.ô¨ôþ?tL,JÕ}É8:nw¢¯bA0??0?¨ 
0
 *?H?÷
0Ñ1 0 UZA10U Western Cape10U Cape Town10U
Thawte Consulting1(0&U Certification Services Division1$0"UThawte Personal Freemail CA1+0) *?H?÷
 personal-freemail (at) thawte (dot) com0 [email concealed]
030717000000Z
130716235959Z0b1 0 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA0?0
 *?H?÷
0?Ä¦<UsUûN¹Ê?ZhÀupßéÿ£ì½Íõ[òv½ :aò¿QÎÔåP
0×cZ,?p?ÝÉð+?Zª?qV˯< çñ?6$*Ï+Õó?w=¾+þ»>¿@?dק¦»?eÑÅ*T?H§¶Ñ<
a@dr`·û£?0?0Uÿ0ÿ0CU<0:08 6 4?2http://crl.tha
wte.com/ThawtePersonalFreemailCA.crl0 U0)U"0 ¤010UPrivateLabel2-1380
 *?H?÷
H?ÑP?ê .Ì
£f¬g¯¬¾Â¡C??L!¸ø6ª-?6/ÀôP ?p<ý­áabÃÙ:~?±?Å ?t?%P?bÇÛ'qW%Ý©?9?? Oe_?Ú÷÷?ÖÆN®öê4å[5MwãV!x?Ü!5Þ$±ÓFÿ]_eO1?0? 0v0b1 0 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA²¶=Ü-Ã.ó?Íq²0 + ?o0 *?H?÷
 1  *?H?÷
0 *?H?÷
 1
071101193138Z0# *?H?÷
 1lgÝLlÝ]|Ã*t?ÂXi?¶m0? +?71x0v0b1 0 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA²¶=Ü-Ã.ó?Íq²0? *?H?÷
  1x v0b1 0 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA²¶=Ü-Ã.ó?Íq²0
 *?H?÷
?J=?lcd¼é?æ·üßû?é@?GÅjyt?TÁ¥Ê½?ÅQ£ÇçUö% 6k\í¹­?¢»T ¹kfÛ
wúóY~ÑYK,SÍèT Æ« ª5{°£A¶:ò@`½#"°ë¶ A¸®4ßs ÿ?s¼?>^8;isÑà¸ÿS3Æø³?Sâ;â??Ò²¢z;l̳EZ6{q$8 ñ?:Â?e
°?%¶²m È0!êµÊ?»E(
zsÕË"ûÐ=I?¦µo"lÂõê-ÄÖ¿?¶?ï º9-vî¤òl N?ã?e¶5Èåø»)¢Ô{i??Nr50>pf}

[ reply ]
Re: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 02 2007 01:35AM
Roland Dobbins (rdobbins cisco com)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 01 2007 07:29PM
Todd Woodward (todd_woodward symantec com) (1 replies)
Re: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 01 2007 07:45PM
Edward R. Marczak (marczak radiotope com) (1 replies)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 01 2007 08:05PM
Todd Woodward (todd_woodward symantec com) (1 replies)
Re: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 01 2007 09:14PM
Edward R. Marczak (marczak radiotope com) (1 replies)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 04 2007 09:25PM
Thor \(Hammer of God\) (thor hammerofgod com) (3 replies)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 05 2007 03:24PM
Paul Schmehl (pauls utdallas edu) (2 replies)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 05 2007 07:26PM
Chris Pepper (pepper reppep com)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 05 2007 06:14PM
Jeramey Valley (ValleyJR mps k12 mi us) (1 replies)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 05 2007 07:25PM
Paul Schmehl (pauls utdallas edu) (1 replies)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 05 2007 11:39PM
Thor \(Hammer of God\) (thor hammerofgod com) (1 replies)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 05 2007 08:14PM
Jeramey Valley (ValleyJR mps k12 mi us) (1 replies)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 06 2007 01:09AM
Thor \(Hammer of God\) (thor hammerofgod com) (2 replies)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 06 2007 05:59PM
Paul Schmehl (pauls utdallas edu)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 06 2007 12:13PM
Jeramey Valley (ValleyJR mps k12 mi us)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 04 2007 11:25PM
Thor \(Hammer of God\) (thor hammerofgod com)
RE: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 04 2007 08:29PM
Todd Woodward (todd_woodward symantec com)
Re: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 01 2007 07:22PM
Dave Schroeder (das doit wisc edu)
Re: Privileged vs. non-privileged? (was Re: Mac Trojan) Nov 01 2007 07:16PM
Jason Pruim (japruim raoset com)


 

Privacy Statement
Copyright 2010, SecurityFocus