How to stop people to steal my applications from my macbook?

[Joche]

Does anyone knows how to stop or block or anything that can stop someone of stealing my applictaions?

I tested in my macbook and if you have a USB you can just go and copy any application in the usb. Then you just put it in you macbook and it works.

Please help me with this problem

 

[Tallest Skil]

Anyone with physical access to a computer can do absolutely anything, regardless of operating system.

Simply disallow them physical access.

 

[angelwatt]

Add a password to your account so they can get to the Applications folder or anything else. Also be sure to lock your screen when you're away.

 

[mojohanna]

password protect the computer upon sleep and always put it into sleep when you leave it by itself.

 

[TEG]

You could also create a USB Key, without which your computer locks and will only work again when you insert the key or enter your password.

http://www.rohos.com/products/rohos-logon-key-for-mac/

TEG

 

[Joche]

This is for student access which they log on with limited access accounts.
To use the applications they obviously require read access at a minimum.

How can you remove access to the application folder yet still have the applications function?

Obviously here physical access to the computer is required.

Any ideas?

 

[Sorkvild]

If it's a limited account, I think whenever something moves out of or into the applications folder it requires a password. I could be totally wrong though. Have you tried to use a USB drive to take an application?

 

[Joche]

I tested in my macbook and if you have a USB you can just go and copy any application in the usb. Then you just put it in you macbook and it works.

Yes this has been done.

 

[angelwatt]

You could disable the USB ports. Not a great solution if they need to be able to use a flash drive for more legitimate reasons. Options do seem pretty limited here and most can be bypassed in some fashion.

 

[r0k]

You could create a dummy user that can read and write everybody's files. I know this is dangerous but bear with me. Then you change the program folders so they are only readable by this dummy user. (apps on Mac are really folders). So let's say the app is dreamweaver mx, you right click dreamweavermx.app and pick get info. Then you make it readable and executable only by the dummy user and your admin accound of course. Nobody else can read or execute. Now you create a shell script that everybody can see and execute that is SETUID to the dummy user and the shell script runs the program. Now your students can execute the programs but they cannot copy them and paste them to the usb drives. Lastly, you need to set the setuid bit on your students' folders so that files created in their home folders by applications that are running setuid'd to the dummy user are still writable and readable by the students.

I know it's a hack but it could work. Be sure to set an obscure password for the dummy user. A determined student will get around this but it might work. Remember the first step in security is to prevent access. Barring that, you are hoping these students aren't motivated with time on their hands.

Oh. Here's another thing. Put the apps on a networked drive. They are always run from the networked drive. There are aliases on the students' machines pointing to the apps on the networked drive so they can run the apps but they have to surf around to find the apps. Use parental controls to limit their finder so they cannot browse the network (I think it's called "use simple finder").