Local Security

As we talked about at the beginning of the chapter, Mac OS X is a true multiuser operating system. In Mac OS X, you have complete control over who can do what.

Much of local system security is common sense coupled with a reasonable amount of watchfulness. Because implementing a local security policy is easier than maintaining network security, that's where we'll start.

Let's take a look at a series of steps you can take to minimize the risks to your system.

Create Only "Normal" Users

As we discussed earlier, two types of user accounts can be created in the User Control panel: normal users and admin users. The only difference when setting up accounts is the presence of a check box that reads Allow User to Administer This Computer.

Many systems that I've visited have had all the users set to be administrators. When asked why, the owners replied that they wanted everyone to be able to use the computer to its fullest. An understandable sentiment, but the implications of using this setting are enormous. A user who has this check box set can

  • Add or delete users and their files

  • Remove software installed in the systemwide Applications folder

  • Change or completely remove network settings

  • Activate or disable the Web service, FTP service, or SSH (secure shell)

Although it's unlikely that administrators could completely destroy the system (they aren't able to delete the System folder and files), they can make life difficult for others even if they don't mean to.

To add or remove administrative access from an existing user, follow these steps:

  1. Open the System Preferences panel.

  2. Click the Accounts item under the System section.

  3. Double-click the name of the user to edit, or select the name and click Edit User.

  4. A sheet showing the administrative check box you're looking for appears. It's shown in Figure 27.14.

    Figure 27.14. Create as few administrative users as possible.


  5. Uncheck Allow User to Administer This Computer to remove administrative access.

  6. Click Save to apply the changes.
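A command-line cross-check for the steps above, as an added example that is not from the book: it lists accounts in the local admin group that are not on an approved list. It assumes a Mac OS X release that ships the dscl tool; the account names and the approved list are constructed for illustration.

```shell
#!/bin/sh
# Added example: report members of the local "admin" group that are not on an
# approved list. All account names below are constructed.

# unexpected_admins "<dscl output>" "<space-separated approved names>"
# Prints one unapproved admin account per line; returns 1 if any were found.
unexpected_admins() {
    membership=$1
    approved=" $2 "
    found=0
    # dscl prints "GroupMembership: name1 name2 ..."; drop the key.
    members=${membership#GroupMembership:}
    for user in $members; do
        case "$approved" in
            *" $user "*) ;;                  # on the approved list
            *) echo "$user"; found=1 ;;      # has admin rights, not approved
        esac
    done
    return $found
}

# Constructed sample of what `dscl . -read /Groups/admin GroupMembership` prints.
SAMPLE='GroupMembership: root alice kids guest1'

# Query the live directory only where dscl exists (a Mac); else use the sample.
if command -v dscl >/dev/null 2>&1; then
    current=$(dscl . -read /Groups/admin GroupMembership 2>/dev/null) || current=''
else
    current=$SAMPLE
fi

# Assumption: root and alice are the only accounts meant to administer this Mac.
if extra=$(unexpected_admins "$current" "root alice"); then
    echo "admin group matches the approved list"
else
    echo "accounts with admin rights that are not approved:"
    echo "$extra"
fi
```

Any account it reports can be demoted with the Allow User to Administer This Computer check box described in the steps above.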

If your computer has only a few accounts for people you know, this security precaution is probably the only one you need. However, if you want your system to be a bit more impenetrable, keep reading.

Disable Hints and Names

It's obvious that Apple wanted to create a system that would be friendly and accessible for any level of user. In doing so, it made it easier for uninvited users to try to log in by guessing your password.

There are two options to consider if you plan to place your computer in a public area without strict monitoring:

  • Password Hints: By default, Mac OS X displays a hint for a password if the user fails to correctly enter it three times in a row. It's easy enough to just not enter password hints, but it's safer to disable the feature globally.

  • Login Window Names: Another default setting, the capability to display icons for each user account on the machine and require only a click to start the login process, is nice, but it also gives away part of the system's security. Attackers usually need both a username and a password to log in to a machine. If the usernames are prominently displayed, attackers are already halfway to their goal.

Both of these risky features are disabled from the Login Preferences panel. To shut off both features, follow these steps:

  1. Open System Preferences.

  2. Click the Accounts button in the System section.

  3. Choose the Login Options tab.

  4. Click the Display Login Window as Name and Password radio button to select it.

  5. Uncheck the Show Password Hint After 3 Attempts to Enter a Password check box.

  6. When you're finished, the Login panel should resemble Figure 27.15. Close the panel to save the settings.

    Figure 27.15. Disable password hints and change to a simple username/password login window.


Sams Teach Yourself Mac OS X Digital Media All In One
ISBN: 0672325322
EAN: 2147483647
Year: 2003
Pages: 349
