How is this security measure secure?

Discussion in 'macOS' started by Schtibbie, Jan 15, 2007.

  1. Schtibbie macrumors 6502

    Joined:
    Jan 13, 2007
    #1
    I'm completely new to Mac, so forgive my ignorance. I've notice a security feature of OS X that pops up a window when something wants to install or when I try to delete a file from my documents folder. It asks me to type in my password. So, I think, "That's cool! Nothing can install itself without me typing my password. No need for antivirus!"

    But what's to stop any program/website from just drawing that very window up on the screen and having me ignorantly type in my password? Am I missing something? I'm referring to the possibility of a program FAKING that window and then sending my password somewhere for some other evil software to use against me.

    And if you're going to suggest I turn my user into a non-admin user, I've tried that on XP before and it was a NIGHTMARE with document permissions, programs installed under whichever user, etc..
     
  2. WildCowboy Administrator/Editor

    WildCowboy

    Staff Member

    Joined:
    Jan 20, 2005
    #2
    Right...one point of the the window is that it's supposed to remind you that the installer has the potential to mess with your system, so you need to think twice about what you're doing and whether you trust the application being installed.

    And yes, you should run in a non-admin account...it helps keep things from messing with your system. If you ever need admin access while in a non-admin account, it'll prompt you and you can just type in the admin name and password. Apps should generally be installed in the top level folder, so everyone has access to them. Just because you're having problems with it in XP doesn't mean OS X will give you grief.
     
  3. psychofreak Retired

    psychofreak

    Joined:
    May 16, 2006
    Location:
    London
    #3
    BTW there is no need for antivirus anyway..there are no viruses for OSX! yet...
     
  4. emptyCup macrumors 65816

    emptyCup

    Joined:
    Jan 5, 2005
    #4
    That's because the roots of Windows go back to the single user system. Many Windows programs are designed to expect to be root and won't run properly if they are not. This is not so with OS-X. Of course if you're going to blindly give permission for anything to install itself your machine is less secure (by your choice). At least nothing can install itself without your knowing.
     
  5. compuwar macrumors 601

    compuwar

    Joined:
    Oct 5, 2006
    Location:
    Northern/Central VA
    #5
    If you see the window and you're NOT installing software, you should know not to type into it!

    If you see the window and you ARE installing software, well you should be able to evaluate the source of the software enough to decide if it should be allowed to handle your credential.
     
  6. jeremy.king macrumors 603

    jeremy.king

    Joined:
    Jul 23, 2002
    Location:
    Fuquay Varina, NC
    #6
    1. If its a program "faking" the admin login window, then you had to install the program in the first place, so its self inflicted. Just like if I sent you an shell command script that just fired a shellthat did an "sudo rm -rf /" and you executed it after entering in your admin password. The thing to take away here is that if you don't trust the application asking for your credentials, don't provide them.

    2. If you are silly enough to provide your mac's admin username/password to a website, you deserve to be hacked. This is almost as dumb as providing sensitive personal information to a "creditor" over the phone that called you. People still do this and I don't understand why.
     
  7. manosaurus macrumors 6502

    manosaurus

    Joined:
    Aug 22, 2006
    #7
    WC,

    Are you saying that in regards to OS X? If so, then I have never thought of this. Is there a web document published by Apple or some other entity that details this measure? And I am not being sceptical of your advice here - just curious about this.
     
  8. Shadow macrumors 68000

    Shadow

    Joined:
    Feb 17, 2006
    Location:
    Keele, United Kingdom
    #8
    Just as a point please DON'T RUN THIS SCRIPT!!! It will format your HD!
     
  9. WildCowboy Administrator/Editor

    WildCowboy

    Staff Member

    Joined:
    Jan 20, 2005
    #9
    Here is a good document on security in OS X.

    From page 3 of that document:

     
  10. whooleytoo macrumors 603

    whooleytoo

    Joined:
    Aug 2, 2002
    Location:
    Cork, Ireland.
    #10
    It's a real possibility, though it's only really a risk in one situation:

    You've downloaded and run a program, as a non-admin user and it prompts you to enter an admin username and password to perform some action (thus gaining admin user privileges).

    To be honest though, once any such trojan is on your machine, you're already in trouble - it could empty your entire home folder without asking for admin details. That's the problem with (well-designed) trojans, no current OS offers significant protection against them, and it's a very, very, very difficult thing to do.
     
  11. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #11
    To give you more data points, both of my Macs are set up this way. I definitely also recommend it.
     
  12. compuwar macrumors 601

    compuwar

    Joined:
    Oct 5, 2006
    Location:
    Northern/Central VA
    #12
    Theoretically any system which enforces Mandatory Access Control (MAC) under the Bell-LaPadula model offers significant protection against them so long as the new objects are outside the MAC boundary of the system. That covers Trusted Solaris, HP's Virtual Vault, SGI's Trusted Irix, Linux with SE Linux or RSBAC and the old Data General DG/UX with B2 feature. I'm not sure if MAC is in Trusted Darwin/Trusted BSD yet when I spoke to an Apple SE who was out of Columbia, MD (*cough*) he said they were working on it. Once I get done with some development, I'll probably try the Common Criteria tools on my dev system and go from there.

    The thing about systems that do offer such protections is that they're a royal pain in the posterior to get anything done under, let alone administer.

    I suppose you could say that RBAC offers the same protection, but you could probably make it a bit more robust by ensuring that the linker/loader only runs things as nobody until they've been officially blessed and add ACLs to remove nobody's access to anything- but I think MAC makes it easier to get everything right.
     
  13. gnasher729 macrumors Pentium

    gnasher729

    Joined:
    Nov 25, 2005
    #13
    At the moment you type in your password, whoever has that password has the opportunity to cause major damage to your computer. Therefore you only type in the password if you trust the software that asks for it. If you download some shareware, and it asks for a password, then you decide: Do you trust it or not? If you trust it, you trust it. If you don't trust it, don't type the password - you will have to go without the software. If you trust the software and you are wrong, you're out of luck.

    If you type in the password, it can be used against you. Whether it is the real security dialog (a program tried to do something that it can't do without your permission, and you just gave it permission) or a fake security dialog, doesn't make a difference.
     
  14. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #14
    Agreed...although... I still dislike it when apps (I think ffmpegx comes to mind as an example) ask you to provide the admin password to the app directly (instead of at a system-generated prompt). I trust ffmpegx fine. But I still feel somehow more comfortable when they follow the rules....
     
  15. apfhex macrumors 68030

    apfhex

    Joined:
    Aug 8, 2006
    Location:
    Northern California
    #15
    :D I just thought that last part sounded hilarious even though I know what you're talking about.

    It's true, you just have to trust the software isn't going to do something bad. Don't enter your password if you think it might.

    I remember discussion about a security hole regarding the authentication dialogue and how it could be tricked into saying it's requesting your password for something other than what it's actually coming from.. dunno if that was ever addressed. Of course if my Mac randomly asked me for my authentication, I'd be suspicious.
     
  16. compuwar macrumors 601

    compuwar

    Joined:
    Oct 5, 2006
    Location:
    Northern/Central VA
    #16
    Heh it does sound funny!

    It really doesn't matter if you can fool the auth dialog, since you can make your own anyway. If it asks randomly, or twice in a row, it's suspicious. But really if it's worth that much trouble, you'd just have to Trojan a good application and get the user to load it-- which is what the Mac Trojans I've heard about have done.
     
  17. trainguy77 macrumors 68040

    Joined:
    Nov 13, 2003
    #17
    OnyX comes to mind....
     

Share This Page