[Bilemshious]

I recently (10-11-03) switched and was wondering about the different user account settings. In Win XP, it was recommended that as a user you should have a seperate account for doing the everyday things and another for the administration aspects of computing in order to not "screw up the system" I suppose. Is this the same in OS X? I use Pather too by the way.

Thanks

[Powaqqatsi]

Do it ir you are REALLY scared of ****ing something up. ****ing something with normal usage is as good as impossible . So do as you please, it's not necesarry and I don't think a lot of poeple do it.

[typoon]

The "admin" mode in Panther allows you have control of the machine, change settings, add users, delete apps things like that. If you install an App it will still ask you for a password, so you can't inadvertantly install something like you can on Windows. If you want you can setup a regular user account so that when you enter the System Prefs or something in order to modify it you have to always enter a username and password. The other thing about the Admin mode that you are put into allows you to limit what a general user can access on your machine. What I sometimes do is setup a "guest" account with limitations so that when I let people use my computer they can only use what I want them to. The admin account in OS X is pretty safe since it doesn't log you in as root. If you log in as the "root" user you can serious f*ck up your system.

Hope that answers your question

[Angus_D]

Any admin user is effectively root, though. That means they can read your files.

[ryaxnb]

Originally posted by Angus_D:
Any admin user is effectively root, though. That means they can read your files.

Not quite... admin can't mess with the system, root can.

[Brass]

Admin in OS X is different to Admin in Windows.

In Windows, admin users can do anything to anything. This is the same as the "root" (or Super-User) account in OS X (and other unix systems).

In OS X, admin users have access to change settings and configurations, and do installations that other users cannot do. Admin users also have the ability to run switch to the root user (super user) or run some commands as the super user (root), but only from a unix command line, so it is rather difficult for most people to do. Ie, admin users cannot do anything to anything in OS X without deliberatly using command line unix tools.

[Angus_D]

Originally posted by ryaxnb:
Not quite... admin can't mess with the system, root can.

Admins can mess with the system, because they have the right to execute tools as the super-user through both sudo and Authorization Services.

[Angus_D]

Originally posted by Brass:
Admin users also have the ability to run switch to the root user (super user) or run some commands as the super user (root)

So, admin users effectively have the privileges that root does, because they have the right to run things as root.

[Playdoe]

If you set-up a "Standard" user account from within your "Admin" user account and give that account unlimited access, does that really mean "unlimited" access?

I have a FW external hard drive that I can mount from within my "Standard" user account, but I'm unable to dismount the same volume without an "Admin" authorization.

What's up?

[Brass]

Originally posted by Angus_D:
So, admin users effectively have the privileges that root does, because they have the right to run things as root.

Angus, that's absolutely correct. However, it misses the point I was trying to make.

The point is, that an admin user on OS X is unlikely to ACCIDENTALLY mess up system stuff because they have to switch to root (or sudo) using the command line. This is a very deliberate thing, and is in effect loggin in (albeit not through the GUI, and only temporarily) as root. And therefore a different user.

Whereas an admin user on Windows can very easily screw the system by accident just using the normal GUI.

The significance being (for the original question) that making your usual OS X account an admin account is perfectly safe and reasonable.

In windows, many would consider it safe too, but I think it is somewhat less save than in OS X.

[Boondoggle]

It really makes more sense to create a standard account for your general use. You won't have to worry about accidentally deleting programs etc, and you only have to type in pwords for installations and system changes.

With fast user switching you can even leave your admin account logged in for fast switching to make certain changes if you want too.

There are plenty of threads in these board started by people who deleted various programs and want to know how to "get it back". If they had been useing a standard account these minor disasters would never have happened.

bd

[Brass]

Originally posted by Boondoggle:
It really makes more sense to create a standard account for your general use. You won't have to worry about accidentally deleting programs etc, and you only have to type in pwords for installations and system changes.

With fast user switching you can even leave your admin account logged in for fast switching to make certain changes if you want too.

There are plenty of threads in these board started by people who deleted various programs and want to know how to "get it back". If they had been useing a standard account these minor disasters would never have happened.

bd

I guess you could be right, but I've not seen those threads. Can't be too many of them.

[ryaxnb]

Originally posted by Boondoggle:
It really makes more sense to create a standard account for your general use. You won't have to worry about accidentally deleting programs etc, and you only have to type in pwords for installations and system changes.

With fast user switching you can even leave your admin account logged in for fast switching to make certain changes if you want too.

There are plenty of threads in these board started by people who deleted various programs and want to know how to "get it back". If they had been useing a standard account these minor disasters would never have happened.

bd

I rather disagree. On my home system, iHave two admin accounts, one for me and one for my mom, and neithier have passwords on them.

[Playdoe]

Quote:
______________________________________________
I rather disagree. On my home system, iHave two admin accounts, one for me and one for my mom, and neithier have passwords on them.
______________________________________________

How did you create two Admin accounts?

I've created a new user via my Admin account and given that new user unlimited access. Howerever, this "new user" account still requires Admin authorization for certain actions.

Am I missing somethin' ?

[Angus_D]

Originally posted by Playdoe:
How did you create two Admin accounts?

On Panther, go to the Account pane, select the account you want to make admin, go to the Security tab and check "Allow user to administer this computer". It's similar on Jaguar.

[Playdoe]

Originally posted by Angus_D:
On Panther, go to the Account pane, select the account you want to make admin, go to the Security tab and check "Allow user to administer this computer". It's similar on Jaguar.

Just figured this out. For me, it seems logical for the "Allow user to administer this computer" option to be under the "Limitations" tab not the "Security" tab.

Reguardless, shouldn't a "Standard" account user be able to dismount an external hard drive without an "Admin" password that they had previously mounted without an "Admin" password?

This is my real problem.

[C.J. Moof]

My understanding is that an external firewire that's present at system startup gets owned by root. If it's attached during a user session, it's owned by that user.

You have to authenticate as an admin to umount a file system that root owns.

I haven't tested this yet- it's just a claim I picked up on another board.

[typoon]

I am the administrator account of my machine. Yes you can remvoe files and things but it still asks for a password when trying to install something. whether in the user or the admin account. I just know the admin account allows you to delete apps without a password. YOu still can't delete the library from the system (not the user one) withouth being logged in as root. Even as Administrator it doesn't let you do that. I don't see much reason to setup a user account unless you are doing development or something where you don't want it cluttering you daily user.

[G-Force]

What about using an admin account without a password vs. doing the same with a user account? This would be done on a home computer that is connected to the internet (no service ports open), but behind a netgear router/firewall. This would be convenient for the fast-user switching because you wouldn't have to type passwords to switch users.

Are there any security risks to doing this given my home setup?

[typoon]

Originally posted by G-Force:
What about using an admin account without a password vs. doing the same with a user account? This would be done on a home computer that is connected to the internet (no service ports open), but behind a netgear router/firewall. This would be convenient for the fast-user switching because you wouldn't have to type passwords to switch users.

Are there any security risks to doing this given my home setup?

I don't see any except for one. If you have a friend who comes over and starts mucking around on your machine they could really f*ck something up. other than that there is no issue with it. If it's for a family I don't see a problem unless you've got some Pr0n that you don't want your kids and significant other to see.

[CatOne]

Originally posted by Angus_D:
So, admin users effectively have the privileges that root does, because they have the right to run things as root.

WRONG. Admin users cannot run/launch things as root unless they authenticate as root. Dialogs must ask for this, specifically.

An admin is NOT root. Admins can install software, modify things, but they cannot do things as root without SPECIFICALLY authenticating as root. It's not the same.

[CatOne]

Originally posted by Angus_D:
Any admin user is effectively root, though. That means they can read your files.

No, an admin cannot read your files, without specifically authenticating as root.

Try it. If you do not know the root password, you cannot read someone else's files. If the admin knows the root password, they can. But you can have multiple admin accounts, and not all of them need to know the root password.

By default, the *first* admin account's password is the same as the root password, but this isn't the case for all admin accounts.

[hudson1]

Originally posted by Angus_D:
So, admin users effectively have the privileges that root does, because they have the right to run things as root.

Someone correct me if I'm wrong (quite possible) but doesn't any user have the ability to use the 'sudo' command in the Terminal as long as they have the root password? If the Admin and a regular user are going to really be one and the same person, then you're going to know the password anyway with the same ability to mess something up. I just don't see any reason for a person to set up an Admin and a regular user account for himself/herself.

[scoot]

Originally posted by CatOne:

Originally posted by Angus_D
No, an admin cannot read your files, without specifically authenticating as root.

Try it. If you do not know the root password, you cannot read someone else's files. If the admin knows the root password, they can. But you can have multiple admin accounts, and not all of them need to know the root password.

Wrong.
An admin can sudo to root. This takes only an admin password, not the root password.

Originally posted by CatOne:
By default, the *first* admin account's password is the same as the root password, but this isn't the case for all admin accounts.

Only on OS X Server. For OS X client, there is no root password by default, and the root user is disabled.

---------------
As for deleting system files, an admin user can now do so via the finder, needing only to provide an admin login and password. You can test this by attempting to delete the network prefs files (now conveniently located in /library/preferences/systemconfigurration ). This is new to Panther - both the finder authentication, and the new location of network pref files.

So be careful.

[Boondoggle]

a lot of words wasted...

if people used standard user accounts most of those issues dissapear.

There is no compelling reason to activate the root account for 99% of users.

Admin accounts treated like a Unix sysadmin would treat root, removes the potential for problems without significantly adding to complexity or obstacle.

[Angus_D]

Originally posted by CatOne:
No, an admin cannot read your files, without specifically authenticating as root.

False. Admin users can run tasks with an EUID (effective user ID) of 0, through either sudo or Authorization Services (part of the Security framework).

Try it. If you do not know the root password, you cannot read someone else's files. If the admin knows the root password, they can. But you can have multiple admin accounts, and not all of them need to know the root password.

My computer doesn't have a root password. I will try it if you want, though.

Code:
spiffy:/Users/celia finlayd$ ls -l | grep private_file
-rw-------   1 celia  celia   18  6 Nov 16:51 private_file
spiffy:/Users/celia finlayd$ cat private_file 
private_file: Permission denied
spiffy:/Users/celia finlayd$ sudo -s
Password:
spiffy:/Users/celia root# cat private_file
This is a secret.

sudo takes MY ADMIN ACCOUNT PASSWORD, as /etc/sudoers allows the admin group by default.

If you have an admin account, you could inadvertently authenticate as root by typing your account password at a prompt by being "tricked". I'm not sure how much of a worry this is to you, but as I have maintained, all admin users are effectively root as they have the rights, out of the box, to execute binaries as root, either through sudo (/etc/sudoers) or Authorization Services (/etc/authorization).

[ryaxnb]

Originally posted by ryaxnb:
I rather disagree. On my home system, iHave two admin accounts, one for me and one for my mom, and neithier have passwords on them.

I think you're not really missing anything. All Admin accounts need authorization. The only accounts that don't are root.

[Yose]

My system is setup as such, admin user created at the time of installation and "my" account which I used to pretty much do everything, it does not have "admin" activated.

I've been reading the mySQL installation pages (through entrophy.ch) and I'm trying to figure out if it's dangerous to be doing this from my admin account or not. It repeatidly talks about not giving mySQL root access, etc.

Can anyone shed some light on this for me?

Thanks.

[bstone]

Originally posted by ryaxnb:
Not quite... admin can't mess with the system, root can.

I wonder if people here know anything about sudo. As an admin, you're sudoers.conf file sets you to ALL=(ALL) ALL which means that you can *easily* become root and thus manipulate each and every system file.

Whenever you type in your admin password, you are executing the command as root.

[IamBob]

<nutshell> An admin account is effectively the same as root. </nutshell>

The only difference between root and admin is that as an admin, you will have to type your password before you can totally hose your system.

Chew on that for a while.