running as a non admin

BigDawgES

macrumors member
Original poster
Mar 31, 2003
56
0
I've heard folk on the net advise mac users against setting their main account at "Administrator", with the logic that it's harder to mess with important parts of your OS if you're not an admin.

My question is:
Do I negate the aforementioned benefit if I supply a different user's admin log/pass every time I install new software? Is there a "preferred" method of installing software with this kind of setup?

Thanks for your input!
-Ethan
 

mkrishnan

Moderator emeritus
Jan 9, 2004
29,777
12
Grand Rapids, MI, USA
BigDawgES said:
Do I negate the aforementioned benefit if I supply a different user's admin log/pass every time I install new software? Is there a "preferred" method of installing software with this kind of setup?
Ethan, I made this change to my system fairly recently, and got a lot of help from others here. You do lose the benefit in the sense that once you provide the password, you have given whatever installer you are running free rein. However, you know that it is happening because you were forced to authenticate.

With that being said, I think this is still beneficial. There is one caveat I found. I think the "preferred" method is probably to use either fast-user-switching and/or logout/login and to login as your admin account and do this work, or else to change ownership of all the installed files to root, as opposed to just providing the authentication when you are requested to do so. The reason for this is that, although the authentication will use another account, the software will still be installed under your account, and will still be owned by your account. Other programs running on your computer in your (non-admin) account will therefore be able to make at least some modifications to the files, because you own them, even though they are in folders in the system which you do not own, because the application file itself is a folder which you do own.

This is confusing (to me) so let me try an example. You do not own the /users directory. Therefore you cannot delete your home directory without superuser access. On the other hand, you do own your home directory. So even though your /users/YOU/Library folder is located within /users, which you do not own, you are able to modify it because it is located in your home directory, which you do own.

The same applies to applications. Each OS X application is actually a folder. If you install firefox, you get:

/applications/internet/firefox.app <-- this is the package that you dragged over from the disk image, which appears with an icon in Finder and is called simply "firefox."

Inside this folder are other things, such as...

/applications/internet/firefox.app/contents/macos/searchplugins

Because you own firefox.app and everything inside it, you will be able to modify the searchplugins folder without authenticating.

So that's the problem. If you actually fully log in as your admin account (or as root for that matter), that account will own the folder, and you will not be able to modify these files without authentication. In this case, firefox will not be able, for instance, to install new files to the searchplugins folder from your non-admin account.

If you don't even want these files to be unknowingly changed when you are logged in as admin, then you need to take the additional step of changing the ownership of the .app folder and all subcontents to root:admin, which you do like this:

sudo chown -R root:admin firefox.app

for instance. You will need to do this from an admin account, because your non-admin account is (unless you change this) not on the sudo permission list. It doesn't matter if the pre-change ownership was your admin account or your non-admin account. The -R option is necessary to change all the files inside the app or folder (you do this on the rootmost folder).

So actually, in conclusion, in the safest way, it doesn't matter whether you log in as your admin account or not, but after you install them, you should do the chown thing. If you want to be really anal about it, there are also folders in /library that your account will have ownership of, and should not, so I think you probably also have to do

sudo chown -R root:admin /library

while logged in as an admin... I'm not entirely sure that this last step will work without munging things up. Can anyone back me up on that?
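An added example, not part of the original post: a small audit of the ownership situation described above. It lists every .app bundle under a directory that still contains items owned by a given user, so you can see which bundles a process running as that user could change without authenticating. The function names `count_owned` and `audit_bundles` and the default path /Applications are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: find .app bundles containing items owned by a given user
# (default: the user running the script).

# count_owned BUNDLE OWNER
# Prints how many files and folders inside BUNDLE (the bundle folder
# itself included) are owned by OWNER, given as a user name or numeric uid.
count_owned() {
    find "$1" -user "$2" 2>/dev/null | wc -l | tr -d ' '
}

# audit_bundles DIR [OWNER]
# Prints one "count<TAB>bundle" line for each .app bundle under DIR that
# has at least one item owned by OWNER. Prints nothing when every bundle
# is clean.
audit_bundles() {
    dir=$1
    owner=${2:-$(id -u)}
    # -prune stops find from descending into a bundle once it is matched,
    # so helper apps nested inside a bundle are not reported twice.
    find "$dir" -type d -name '*.app' -prune -print 2>/dev/null |
    while IFS= read -r bundle; do
        n=$(count_owned "$bundle" "$owner")
        if [ "$n" -gt 0 ]; then
            printf '%s\t%s\n' "$n" "$bundle"
        fi
    done
    return 0
}

# Audit the directory given as the first argument, or /Applications.
audit_bundles "${1:-/Applications}"
```

Run it from the non-admin account; any bundle it lists is one that the chown step in the post would take out of that account's ownership.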
 

grapes911

Moderator emeritus
Jul 28, 2003
6,995
3
Citizens Bank Park
Here is an article you may find interesting. No real fact, just opinions. It mentions that it isn't really unsafe to run as root. It's talking about Linux, but some of it applies to OS X. I personally run OS and XP as an Admin and Linux as root.

Here is the actual page where they speak about root accounts.
 

Westside guy

macrumors 603
Oct 15, 2003
5,520
2,472
The soggy side of the Pacific NW
grapes911 said:
Here is an article you may find interesting. No real fact, just opinions. It mentions that it isn't really unsafe to run as root.
Well, you gotta realize that the Linspire dude is talking about this because that's been the biggest criticism against Linspire - you're running as root by default. So understand that it is by no means unbiased; then I recommend you read the feedback to that article that's on Slashdot for the countervailing view.
 

grapes911

Moderator emeritus
Jul 28, 2003
6,995
3
Citizens Bank Park
Westside guy said:
Well, you gotta realize that the Linspire dude is talking about this because that's been the biggest criticism against Linspire - you're running as root by default. So understand that it is by no means unbiased; then I recommend you read the feedback to that article that's on Slashdot for the countervailing view.
I understand, that's why I said it was only one opinion. I agree with him a little though. What am I going to hurt running as Admin? I've been using computers enough to know what I'm putting on my computer. I also know enough not to delete system files. I prefer the ease of running as admin over the little security it supplies.
 

mkrishnan

Moderator emeritus
Jan 9, 2004
29,777
12
Grand Rapids, MI, USA
grapes911 said:
I understand, that's why I said it was only one opinion. I agree with him a little though. What am I going to hurt running as Admin? I've been using computers enough to know what I'm putting on my computer. I also know enough not to delete system files. I prefer the ease of running as admin over the little security it supplies.
I could see this... It depends a lot on whether your system is "stable" in the sense of not needing a lot of new software. If it is, I think the benefit/cost ratio is much more advantageous than if it is not.

OTOH, I think Mr. Linspire exaggerates somewhat. If your implementation of user access levels is set in such a way that the only options are root or such a degree of restriction that you cannot change your desktop background, then you have not designed a very good system. ;)
 

MisterMe

macrumors G4
Jul 17, 2002
10,650
29
USA
grapes911 said:
I understand, that's why I said it was only one opinion. I agree with him a little though. What am I going to hurt running as Admin? I've been using computers enough to know what I'm putting on my computer. I also know enough not to delete system files. I prefer the ease of running as admin over the little security it supplies.
Administrator and root are two different levels of privilege. An Administrator account cannot damage the System. The root account can do anything--deliberately or accidentally.
 

grapes911

Moderator emeritus
Jul 28, 2003
6,995
3
Citizens Bank Park
MisterMe said:
Administrator and root are two different levels of privilege. An Administrator account cannot damage the System. The root account can do anything--deliberately or accidentally.
Of course they are different. Root can do anything. Admin can wipe out your Apps folder. It can sudo to Root and do anything. Admin can screw your system up, just not as easily. I (and most other people) would never deliberately destroy my own system. I also feel comfortable enough not to accidentally do it.
 

mkrishnan

Moderator emeritus
Jan 9, 2004
29,777
12
Grand Rapids, MI, USA
grapes911 said:
Of course they are different. Root can do anything. Admin can wipe out your Apps folder. It can sudo to Root and do anything. Admin can screw your system up, just not as easily. I (and most other people) would never deliberately destroy my own system. I also feel comfortable enough not to accidentally do it.
Yeah, I think this has a lot of truth -- it's more of a control thing for a lot of us command-line geeks :rolleyes: ... it's the idea that an application may make a change of which we are unaware in, say, the apps folder. The apps folder is really where it becomes problematic, because if one uses a primary admin account, these changes can be made without authenticating, so you may never know about them if a program makes them on your behalf.
 

BigDawgES

macrumors member
Original poster
Mar 31, 2003
56
0
Thanks!

Thank you all for your insight! I have a better idea of the situation now.
 

Westside guy

macrumors 603
Oct 15, 2003
5,520
2,472
The soggy side of the Pacific NW
Bottom line

The bottom line, I think, is this: If your regular account is a non-admin account, the only difference most users will see is they'll have to type in an admin account's username and password when attempting to do something that requires privilege. Admin accounts have that username filled in - they'll still have to type in their password.

OS X makes running as a non-admin as painless as possible.
 