> From: Ed Leafe <[EMAIL PROTECTED]> > Assuming I install it to the system's Applications folder, they all > have *access* rights to it, but they cannot change it at all. If I > install it to my local Applications folder, then no, they have no > access to it.
So you install OO to the systems App folder and everyone can use it, storing their personal files in their personal space. > > Your son saves files to his personal workspace, no > > biggie. Same being true of a dabo utility you write. > > As long as the files are in your home folder, that's correct. > > > Your son downloads a game to his workspace, but it's also a > > Trojan. Can > > an exploit that is in your son's area go and cross over to your wife's > > files or mess with the file index of the disk? > > No. Anything executing in my son's session is executing at his > privilege level, and thus has no access to other home folders or > system locations. The only way something like that can happen is if > there is a security flaw in the system that allows a rogue program to > get root privileges, and to date no such vulnerability has been found > in any BSD-based system (of which OS X is one). So you run with the rights you should as your logged in. Do Apple users separate the concept of root and user properly unlike Winders users? At my day job I stated that we had to take EVERYBLASTEDONEofUS out if the domain admin group because it was just a little insecure. The look of disgust I got from our CIO told me that it was a dead issue. I brought it up a second time and it went nowhere. What a bunch of losers that can't separate between a pair of identities as needed. Now back to an apple workplace. How much time is it to administer desktops with a new version of a dabo app that you write? Can you automatically update what is running in the system folder? Or do you put the app in every users folder so they can update on demand? _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
