PDA

View Full Version : Admin Or Standard



Wheels
10th September 2005, 04:21 PM
Hi,

On Windows XP, I knew that I should always use the limited account for normal day to day stuff and not to use the admin account unless I needed to because otherwise the computerwould be more vunerable. Is this the case with a Mac too? Should I set my ordinary account to standard or limited it leave it as Administrator?

wheels8989

iSlayer
10th September 2005, 04:32 PM
On a mac the admin account is fine.
I think you will find most people use it as the first account is an admin account by Default.

BiRDBRAiN
10th September 2005, 05:01 PM
I think you will find that the vulnerabilities you needed to worry about on WinXP don't exist on Mac OS X.

Most of the time, when installing or making system changes you need to manually authenticate anyway.

Graham
10th September 2005, 09:05 PM
I use an admin account on my machine but I've got a bit of experience. I've just set my parents up with their new system and given them a standard user account. However, I have also provided them with an admin account and told them when to use it (mainly for installing). They're happy with that arrangement because it prevents them from accidently deleting things such as applications but they still have the ability to do everything.

AusMac
10th September 2005, 11:13 PM
It is a heirachal system(which doesn't sound all that great). However it works because the heirachy is one of both capability and experience in use.
The most experienced or capable will find being Admin fine. Though a Mac is safer to use and less prone to virus spreading than your average handkerchief, some people need to be protected from themselves, in fact probably most of us do.

feeze
11th September 2005, 12:39 AM
A Mac OS X administrator is not the equivalent to an Windows administrator.

On Windows, administrator is the highest level user and has full privileges. This means an admin has read/write access to every file in the system (well nearly every file), this includes system files. This is one of the reason why malware is so prolific on Windows systems.

On Mac OS X, an admin is not the highest level user. The highest level user is root, which is disabled by default. So unless you foolishly authenticate an malicious app, your fairly safe. Although I am not sure if this is even true in Tiger for certain files, for example the other day I tried to change the background of the widget drawer in dashboard (/System/Library/CoreServices/Dock.app/Contents/Resources/perf.png), authenticated and was promptly denied. I'm not sure if this is something specific to my system or is the way the system is designed. Anyway nothing sudo couldn't fix :)

Danamania
11th September 2005, 11:21 AM
Originally posted by wheels8989@Sep 10 2005, 04:21 PM
On Windows XP, I knew that I should always use the limited account for normal day to day stuff and not to use the admin account unless I needed to because otherwise the computerwould be more vunerable. Is this the case with a Mac too? Should I set my ordinary account to standard or limited it leave it as Administrator?
as feeze said above - but clarifying. The admin user in OS X doesn't automatically get access to any part of the system. That is, if an application runs under the admin user on OS X, it *cannot* modify many parts of the system without asking you for a password to do so. After you give it that permission it can do anything, but in the general scheme of things apps don't get that permission without you specifically giving it by re-entering your admin password when an installer/script/application asks for it.

After that - well. yeah it can do anything at all including trash your system, but at least you allowed it to happen then, instead of being automagic :D.

dana