Securing Mac OS X
- Jan 25, 2002
The following content is excerpted from Chapter 18 of Internet Security for Your Macintosh: A Guide for the Rest of Us.
Mac OS X's Model for Securing Services
Mac OS X allows you to offer a wide range of Internet services from your machine. By default, these services are turned off, which is the way you should leave them for maximum security. If you do need to enable a service, Apple does a good job of making sure that the service is enabled in a limited, relatively secure way. But services on Mac OS X are implemented quite differently from previous versions of the Mac OS, and you need to understand how they work. If you understand a service before you enable it, you're much more likely to set it up correctly and securely.
Mac OS X uses the Unix model of service security, simplified a bit for the rest of us. Even if you are the only one who will use the machine, it's always set up to allow multiple users. Different users on Unix have different levels of access. The user called root has full access to everything on the machine. Many Unix security attacks are based on a network user logging in to a machine as root or running a process on that machine that has root privileges. In Mac OS X, Apple disables the root account, decreasing the likelihood that many common Unix attacks will succeed. Disabling the root account also prevents a user from accidentally doing something that would severely damage his or her machine. Many Unix and core Mac OS X processes still run with root privileges to do their job, but users can't log in as root, either at the machine or over the network.
Instead of root, Mac OS X uses administrative users. Administrative (or admin) users have less power than root users but more than other users on the machine. If you are the only user of your machine, you are an admin user automatically. Admin users can do pretty much anything at the Mac OS level, such as change system preferences, install new system software, and create new users. They still can't do damaging things at the Unix level, however, such as delete key OS files.
Each user of a Mac OS X machine gets a home folder, stored within the Users folder on the hard disk (Figure 18.13). Users' home folders are where they keep all their private files, in addition to files and a Web site that they want to share with other people. Users of the machine can't see most files in the other home folders.
Figure 18.13 Each user of Mac OS X has a home folder.
You create authorized users for a machine in the Users System Preferences window (Figure 18.14). When you create a user, you give that user both a long name and a short one, although the system will derive a short name for you automatically, if you want. Most Unix services use the short name, which is limited to eight characters, is all lowercase, and cannot contain special characters (such as spaces). Passwords can be as long as you like, although most services use only the first eight characters. You can include a password hint in case a user forgets his or her password, although the hint is provided only when a user tries to log into the machine from the keyboard, not through other services. If you want the user to have full administrative privileges on the machine, you can check the appropriate checkbox.
Figure 18.14 You create Mac OS X user accounts in the Users System Preferences window.
Unix also uses groups, but Apple generally shields users from this concept in Mac OS X. Mac OS X admin users are placed in the admin group automatically, and Mac OS X defines a few other groups for its internal use (such as staff and wheel). But you can't easily create groups or assign users to specific groups.