how far we still need to go

[band at acm.org (William L. Anderson)]

BB, well yes I did gloss over the OS X admin and Unix "root" diffs.

And I agree that the install does create the first user as admin. That's a
problematic scenario.

Furthermore, I probably know too much, because I knew I wanted to create an
ordinary user acc't in addition to admin on my personal machine. And I know
enough to add the ordinary user to the "sudoer" list, so I can get admin
privileges when I want. This is definitely way too much work for someone who
just wants to use the computer.

But I still expect developers to know the difference and build their apps so
that ordinary folk can install them. But, then ordinary folk need to know the
difference between admin and ordinary. ... Uh oh, I'm getting a headache.

Thanks for the clarification.

-Bill

Blue Boar wrote:
> William L. Anderson wrote:
> > I am flabbergasted. When I first encountered Unix in 1983 I was taught that you
> > always run as an ordinary user, and only use admin (root) privileges when
> > needed. If OS X developers are running as admin, and building and testing their
> > products as admin, well ... I'm still in shock. And I weep for the species.
>
> Are you confusing the Mac specifics? "Admin" on OS X is not the same as
> root. Members of the Admin group can elevate privs to do things as the
> equivalent of root, and the Admin group can write to /Applications. The
> app in question could improve, of course, but the fact the Admin has so
> much power and that the first user you create is a member of that group
> is the fault of OS X.
>
> (At least, that's the way it worked not too long ago, Apple does seem to
> occasionally fix these things over time.)
>
>                                               BB
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4546 bytes
Desc: S/MIME Cryptographic Signature
Url : http://krvw.com/pipermail/sc-l/attachments/20070725/900be3e3/attachment.bin