Re: automatic update on Mac OS X

[Martin Brecher <listuser () mb-itconsulting com>]

> Something along the lines of Microsoft's Software Update Services 
(SUS) is
> needed for Macs. SUS solves some of the problems with Automatic 
Updates in
> Windows by allowing the administrator to choose what patches to deploy.

Well, using the unix shell and scripting means that Mac OS X has to 
offer, you could create a very flexible, yet quite simple solution yourself.

For example, you can have a list for each group of computers on a 
central server and have the clients retrieve the appropriate list and 
install the patches.
You could kind of extend security with gnupg: signing the lists with a 
private key and have the clients check the integrity and source of the 
list before attempting an update.
If you plan on running the softwareupdate in the background during work 
hours, put together a simple cocoa application that informs the user of 
the running process and tells the user when to reboot the machine (if 
necessary). (Maybe you can do that with AppleTalk, since a simple 
informational dialog should be sufficient.)
For the management side, putting together a small web based patch-list 
management system with php shouldn't be that hard either. Your 
possibilities with unix are close to infinite. - And the community will 
gladly assist you in attempting them.

I hope you find my ideas helpful and possibly inspiring.

Greetings,
Martin Brecher


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------