[godzookie2k]

I'm looking for a way to one button lock down my osx workstation at home. Not like, kick to screensaver with a password, but to encrypt certain folders and password lock certain applications. I sometimes have guests at my house who aren't of the most savory of sorts, but aren't accomplished hackers or anything, so a simple password protection should do. Heres what I need it to do:

one button or simple applescript double click that encrypts certain folders on my drive that would require a password to open keychain unlocked or not.

it needs to either quit and encrypt/password lock certain applications like my calendar and email, OR BETTER YET, hide them in the background and require a password to bring them to the front.

and on top of all of that I'd like there to be a way for me to find out any attempts at unauthorized access, wrong passwords entered, or even attempts at launching any of those folders/files/applications while the system is locked down. I was thinking that the old macos9 had apple file security and I could probably just write a simple applescript that applied passwords without adding them to the keychain to certain folders and applications and stuff and had it all attached to a function key, but I don't think osx has an apple file security system like that, i might be wrong. and key is the fact that i need to be able to find out attempts at accessing, with date and time stamps. I know its impossible to fully lock down a local machine with an experienced hacker at the helm, but I think the simple password protection would serve my purposes just fine in this case. ANYONE have any ideas or suggestions? I know its a tall order, but I've been bouncing the thought through my head for a few days and can't come up with anything.

[PubGuy]

Well, it seems to me the simplest way to do this is to setup a separate "Guest" account and not require a password to use the Guest account. That way, anyone can get on the machine and not need a password, your all your user directories will be complete protected.

Another thing you could do to restrict the Guest user even further, is to go to System Preferences --> Accounts --> select your Guest account, then select Capabilities. There you could set up the Guest user to use only "Simple finder" and also specify which apps they have access to.

The final step would be to go to System Preferences --> Accounts --> Login Options and change your Login window to require Name and Password. That way, the user doesn't see a list of accounts on the machine, so they will have to guess both your UserID and Password to get in (I doubt they could sit there and guess both).

Oh, and regarding your quick lock out feature, you can log out from the machine with Shift-Command-Q, then press enter --- that's as close to a one button lockout you can get. It'll even be better with Panther with Fast User Switching as all your programs will continue to run in the background.

This way is certainly the easiest and most secure method you can use to lock down your system and protect your personal files.

As a side note: I've got a iMac set up for family use. I am the only administrator on the machine and set up the network and proxy settings and install software. Each one of the kids have their own accounts (personal file, settings, dock, etc.) There is no way anything they do affects my account. I also installed a Guest account for occasionaly people that visit that want to check their email, or ichat while away from home. Again, this account is even further restricted. Never had a problem with this setup.

[godzookie2k]

i know I could set up a guest account, I appreciate the walk through, but I don't want to have to log out...

[ambush]

Originally posted by godzookie2k:
i know I could set up a guest account, I appreciate the walk through, but I don't want to have to log out...

Wait for Panther... it has encryption stuff and fast log out

[godzookie2k]

well dammit that doesn't help me *now* does it? oh well. thanks anyway.