William L. Anderson wrote:
> I am flabbergasted. When I first encountered Unix in 1983 I was taught that
> you
> always run as an ordinary user, and only use admin (root) privileges when
> needed. If OS X developers are running as admin, and building and testing
> their
> products as admin, well ... I'm still in shock. And I weep for the species.
Are you confusing the Mac specifics? "Admin" on OS X is not the same as
root. Members of the Admin group can elevate privs to do things as the
equivalent of root, and the Admin group can write to /Applications. The
app in question could improve, of course, but the fact the Admin has so
much power and that the first user you create is a member of that group
is the fault of OS X.
(At least, that's the way it worked not too long ago, Apple does seem to
occasionally fix these things over time.)
BB
_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________
