Mac OS X security
- From: "Jerry Hargis" <CCHARGIS@xxxxxxxxxxxxxxxxxx>
- To: <technocracy@xxxxxxxxxxxxxxxxx>
- Date: Tue, 18 Jul 2000 14:18:45 -0500
Although I know that the Mac OS is of limited interest to the majority
of the members, I thought this was at least thought provoking. The
following notes were taken from a technology column (Ask Al) on the
Alsoft web site.
Subject
Mac OS X
Question
What type of access controls does Mac OS X have for files and folders?
Answer
Mac OS X inherits UNIX file and folder access controls which are
similar to those offered by AppleShare. Using these access controls you
can determine which users can execute which applications and which users
can view and/or modify which files and folders.
Under Mac OS X, every user must log in with a password (although it's
possible to log in automatically if you want to treat your Mac as a
single user computer). Access controls are tied to individual users and
groups of users. New files and folders are assigned default access
permissions when they are created.
The creator of a file or folder is known as the owner and can later
widen or narrow the default permissions assigned to it. The owner can
change access to a file or folder by assigning it to a particular user
(who becomes the new owner) and/or a particular group and then assigning
read, write and execute permission to each. There are an additional set
of permissions that can be assigned for all other users.
Subject
Mac OS X
Question
Can you defeat the file and folder access controls of Mac OS X by
starting from a different disk?
Answer
Mac OS X implements UNIX file and folder access controls. If you start
a Mac running Mac OS X from a different disk, you can easily bypass
these access controls. Let's say you start up from a Mac OS 9 CD. Mac OS
9 knows how to access an HFS Plus disk, but it completely ignores any
file ownership and access privileges that you might have set up.
UNIX file and folder access controls work best on remote users. To
ensure the security of your files you'll need to prevent someone from
restarting your Mac. You can either prevent physical access to your Mac
or modify it in some way to prevent restarting from another disk.
Other related posts:
