Malware vs mac user accounts

Discussion in 'Mac Basics and Help' started by Magrão, May 24, 2011.

  1. Magrão macrumors newbie

    Joined:
    Mar 4, 2011
    Location:
    UK
    #1
    In the wake of all the recent noise about the Mac Defender malware, I read several posts around the internet where people mentioned maintaining one standard user profile for general day to day use, and then a separate admin profile.

    I've been playing around with the above idea; prior to this I just had my sole user set up as admin. When I would download and install apps I would get prompted for my password. However, now with my standard user account, when I download an app, I can open and run the app from the download folder with no problem. It only prompts me for the username and password of an admin if I try to move the app to the Applications folder.

    Where is the security in that? If I wasn't thinking straight, or someone else was using my mac, and downloaded some malware, the app could simply be run from the download folder.

    Opinions? Thanks
     
  2. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #2
    It doesn't matter if you're running as a standard or admin user. Yes, you can launch an app from the downloads folder, but it can't achieve privilege escalation and affect your OS X installation without entering your admin password. There are several threads where this is discussed in detail. If you want technical detail, pay special attention to posts by munkery. The bottom line is you can avoid all Mac malware by simply exercising caution in where you get software that you install or run.

    Mac Virus/Malware Info
     
  3. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #3
    But as malware still needs an admin password to get access to system files and folders, be it in a Standard Account or Administrator Account, it still can't do anything. And most Mac OS X applications don't need to access system files and folders, thus no password is needed to execute it either way.

    Mac Virus/Malware Info by GGJstudios
    There are currently no viruses for Mac OS X in public circulation, only a handful of trojans and other malware, which have to be installed manually via entering the administrator password.
    The only anti-virus you need to protect your Mac is education and common sense.
     
  4. Rowf, May 24, 2011
    Last edited: May 24, 2011

    Rowf macrumors regular

    Joined:
    Feb 7, 2011
    #4
    I've been running a standard user account for a week or so now and one annoying 'quirk' of this is that software update won't run automatically, I have to manually update after entering user name and password.
    I've searched the 'net and macrumors forums and there doesn't seem to be an answer to this.
    In the interests of security keeping the system up to date with the latest patches etc, seems quite high and not being able to do this automatically seems to negate any possible benefits of using the standard user account (of which, going by the last two posts on this thread, there doesn't seem to be any running as the only user of my mac)

    One other thing that i've noticed is that if I download from the app store it will ask for my admin name and password when using a standard account, if I do it from my admin account it just downloads and installs without asking.
     
  5. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #5
    That's not a quirk since software update is used to update the OS and applications. That's a task for an admin not a standard user.
     
  6. Magrão thread starter macrumors newbie

    Joined:
    Mar 4, 2011
    Location:
    UK
    #6
    Thanks for those responses, I'll check out those links. In any case, from what GGJstudios & simsaladimbamba have said, there doesn't seem to me to be a great deal to be gained from running two accounts like this (especially in light of what Rowf mentions). Either way, if I were to mistakenly download and install some malware, installing it in the applications folder, I'd still have to enter a password in some cases. Or did I misunderstand? :confused:
     
  7. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #7
    You didn't misunderstand.

    I run admin accounts on my Mac daily, I have no Standard Account. I do that since 2004, the year I switched.
    And since then I have never installed any kind of malware, just with the use of common sense.
     
  8. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #8
    You didn't misunderstand.
     
  9. Consultant macrumors G5

    Consultant

    Joined:
    Jun 27, 2007
    #9
    Standard account: requires admin password to install applications (such as the trojan malware)

    Admin account: requires admin password to install applications (such as the trojan malware)

    Just don't install anything shady / didn't download. Result = no malware in either case.
     
  10. old-wiz macrumors G3

    Joined:
    Mar 26, 2008
    Location:
    West Suburban Boston Ma
    #10
    I've run the same way since 2005 when I switched. No malware, just a bit of common sense. Unfortunately "common sense" is sadly lacking in many computer users today.
     
  11. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #11
    It's called "human condition" and can be applied to all fields of existence, meaning the lack of that legend called "common sense" (which I lack in some other areas).
     
  12. Magrão thread starter macrumors newbie

    Joined:
    Mar 4, 2011
    Location:
    UK
    #12
    Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-gb) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

    Thanks for all responses :)
     

Share This Page