 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Mac Forum / General / Networking / May 2008Need help w/BootX icon
First I guess I need to know where to post this problem. Re 17" G4 Powerbook running 10.4.11. There is a "BootX" icon on the desktop, no idea how or when it got there. I can't unlock it and can't trash it - would like to be rid of it. Please advise, or tell me where to ask. Thanks, Gary > First I guess I need to know where to post this problem. Re 17" G4 > Powerbook running 10.4.11. There is a "BootX" icon on the desktop, no > idea how or when it got there. I can't unlock it and can't trash it - > would like to be rid of it. This is an appropriate place to ask this question, IMO. The BootX file normally lives in /System/Library/CoreServices/. It's possible you installed and ran some software that allows you to change the Apple logo you see during boot to something else. If so, this software may have made a copy of the BootX file and placed it on your desktop as a backup. Or, perhaps you are running as administrator (bad idea) and you moved the BootX file out of /System/Library/CoreServices/ to your desktop by accident. If I were you, I'd verify that you have a BootX file in /System/Library/CoreServices/. If so, then that means you have another on your desktop, which may indicate the one in your /System/Library/CoreServices/ folder has been modified. If so, you may want to hang onto the one on the desktop in case it's the original version and you may need it later. You can compared two files to see if they are different using the 'md5' command in a terminal window. Here's the syntax: md5 /path/to/file TIP: You can quickly get the path to a given file in a terminal window by dragging the file in question and dropping it onto the terminal window.  SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR Thanks for this. There is another BootX in the Core Services forlder in System. I'm not sure what you mean by "running as administrator" or why that would be bad idea. Who else could be administrator? I'm the only one who uses this computer. I'm also not sure what to do with terminal. I asked for a new command - md5, but not sure what's supposed to happen from there. (Never used Terminal before.) Thanks for your help. Gary > > First I guess I need to know where to post this problem. Re 17" G4 > > Powerbook running 10.4.11. There is a "BootX" icon on the desktop, no [quoted text clipped - 27 lines] > by dragging the file in question and dropping it onto the terminal > window. > I'm not sure what you mean by "running as administrator" or why > that would be bad idea. Who else could be administrator? I'm the only > one who uses this computer. That's part of an ongoing, um, discussion we've had for a while. He's climbed on a soapbox and can't find his way down. Signature<http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/election.shtml> Election 2008 goods. <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude Well,that's fine. I appreciate healthy dialogue, even when at times ahhh, impassioned so to speak. Maybe someone could give me a thumbnail version of the rationale for why it's a bad idea and then some clue as to who is or can be admin on a private single use computer. Gary > > I'm not sure what you mean by "running as administrator" or why > > that would be bad idea. Who else could be administrator? I'm the only > > one who uses this computer. > > That's part of an ongoing, um, discussion we've had for a while. He's > climbed on a soapbox and can't find his way down. > Well,that's fine. I appreciate healthy dialogue, even when at times > ahhh, impassioned so to speak. Maybe someone could give me a thumbnail > version of the rationale for why it's a bad idea and then some clue as > to who is or can be admin on a private single use computer. > Gary As you may well know, if someone buys a new Mac, turns it on, and follows the onscreen prompts, he ends up with a single administrative account. Thus, as far as Apple is concerned, this is a perfectly reasonable way to run your computer, and nowhere in the manual does it say anything contrary to this. Signature<http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/election.shtml> Election 2008 goods. <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude > > Well,that's fine. I appreciate healthy dialogue, even when at times > > ahhh, impassioned so to speak. Maybe someone could give me a thumbnail [quoted text clipped - 7 lines] > reasonable way to run your computer, and nowhere in the manual does it > say anything contrary to this. Indeed. In a nutshell... Some people 'round here feel it's a Very Bad Thing because Stuff Can Happen, even though that Stuff is largely hypothetical. They advocate running in a non-admin account, and entering the username and password of an admin account when the OS asks you to. They feel this is the One and True Way of Secure Computing and that everyone's Granny should be taught The Way. SignatureWoodworking links and more at http://www.woodenwabbits.com Thanks again. What (hypothetical) Stuff are we talking about? I mean even accepting that it's possible, yea perhaps even desirable, to run one's puter under a different account, I'm still unclear as to the dangers posed by running as single account/owner/admin. Gary > > > Well,that's fine. I appreciate healthy dialogue, even when at times > > > ahhh, impassioned so to speak. Maybe someone could give me a thumbnail [quoted text clipped - 20 lines] > They feel this is the One and True Way of Secure Computing and that > everyone's Granny should be taught The Way. > Thanks again. What (hypothetical) Stuff are we talking about? I mean > even accepting that it's possible, yea perhaps even desirable, to run > one's puter under a different account, I'm still unclear as to the > dangers posed by running as single account/owner/admin. They believe that if you run under an admin account, malware can take over the computer. SignatureSupport the troops: Bring them home ASAP. > > Thanks again. What (hypothetical) Stuff are we talking about? I mean > > even accepting that it's possible, yea perhaps even desirable, to run [quoted text clipped - 3 lines] > They believe that if you run under an admin account, malware can take > over the computer. You've been here this long, and that's the only thing you've taken away from it? Tsk tsk... "They" believe more than just that. If you run as admin, you can damage the system yourself - no malware needed. And you make it *easier* for malware to damage your system as well. And "they" would be correct in that belief. Again... When you are logged in as administrator, everything you do, every program you run (directly or indirectly, purposefully or inadvertently) is executed with administrative privileges with access to more parts of the system than normal users. So if you make a mistake, or worse, if you unknowingly run a trojan / worm in that account, you can damage and alter critical system files with little or no acknowledgment from the system. Remember that some files in Mac OS X are owned by the "admin" group, of which the administrator account is a member. The Applications folder is just one example of such a folder. When you are logged in as administrator, Mac OS X allows you to modify these files at will. Mac OS X is designed such that you can accomplish all administrative tasks from a non-administrative account simply by entering the username and password of an administrator when prompted. So while you do need to *have* an administrator account, there's really not much of a reason to run as administrator for day-to-day use. The secure thing to do is to create an account just for administration, then remove administrator privileges from your day-to-day account. SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR > > They believe that if you run under an admin account, malware can > > take over the computer. > > You've been here this long, and that's the only thing you've taken > away from it? Tsk tsk... That's the most important thing I've taken away from it. As for the rest, I think it falls into that nebulous area of knowing just enough to cause harm, but not enough to really know what you're doing. And I think that most users fall to either side of that middle; they don't know enough to do anything that will cause harm, or they know enough to avoid doing harm. SignatureSupport the troops: Bring them home ASAP. > > > Thanks again. What (hypothetical) Stuff are we talking about? I mean > > > even accepting that it's possible, yea perhaps even desirable, to run [quoted text clipped - 11 lines] > malware to damage your system as well. And "they" would be correct in > that belief. As long as most here are wringing out your exception, I wish to take exception to the exception that you are excepting. "exceptio probat regulam in casibus non exceptis" [The exception confirms the rule in the cases not excepted.] You merely forgot to except cases like mine :) I think that most here will agree that if nothing bad happens to an old geezer like me, with an age-shrunken half sized brain, then nothing bad is likely to happen to an ordinary Mac user. In short, you are raising a straw man, something that is _very_ unlikely to happen in ordinary circumstances. (notice I posted "unlikely", not "impossible") I run as administrator 100% of the time, for years on end, delving into the guts of my OS, plus the guts of my Vista partition on my MacBook Pro, doing such things as "combined" backups of both the OS X and Vista partitions. (terminal dd image at block sizes from 512 bytes to 524288 bytes, combined with "stuffing" 99.9% of the Vista partition's free space with hex zeroes for minimum archiving size - - - and yet I have not managed to "damage the system" myself, as you contend, in years of operating as administrator) Furthermore I spend hours surfing the web every night as administrator, going to many obscure websites, mostly medical websites lately, engaged in "spirited" discussions where I put others in their place when their commercial interests in selling their software conflict with everyday medical experience with other competitive software. No firewall, older 10.4.8 OS, ancient Pismo Powerbook. I am in no way advocating operating carelessly as I do, just merely relating the fact that no malware has been encountered by me in years of operating in this fashion. Don't bother to look for me in places like: <http://knowbrainer.com/pubforum/> ...because I post under an alias and cover my "style" very well. The moderator who "runs" that website is guilty of bias and misleading info'. Surprised he has not kicked me out of his forum, for calling him out on his more outrageous claims. (BTW, the "KnowBrainer" site name is very apropos to me, considering my severe lack of smarts compared to ordinary Mac users) Now if you had 'excepted' cases like mine in your posts, by posting something to the effect that some users like me have had NO problems with 'accidents' or 'malware' in years of operation, then I would have no quarrel with your contention that it would be advisable to go to all the time and trouble of setting up and operating non-administrative user accounts. I know, picky, picky, picky, way too "Michelle like" on my part. Mark- In article <noneof-C90773.18343711052008@earthlink.vsrv-sjc.supernews.net>, > > > > Thanks again. What (hypothetical) Stuff are we talking about? I mean > > > > even accepting that it's possible, yea perhaps even desirable, to run [quoted text clipped - 16 lines] > on my MacBook Pro, doing such things as "combined" backups of both > the OS X and Vista partitions. (snip) > I am in no way advocating operating carelessly as I do, > just merely relating the fact that no malware has been > encountered by me in years of operating in this fashion. Apparently you didn't read this sentence very carefully: "If you run as admin, you can damage the system yourself - no malware needed." SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR > Apparently you didn't read this sentence very carefully: > > "If you run as admin, you can damage the system yourself - > no malware needed." I read it very carefully, which is why I posted my lengthy exception to your statement. In other words, to summarize, a person can operate as admin' for lengthy periods of time (years) without damaging his/her system, all this despite heavy use of their system. Why this is true with OS X and me is a matter for speculation, however in my case I have "got by" with operating in that careless fashion for years. Heck, my password is "abcd" and I doubt that anyone else out there has such a simplistic password. If I were running Windows on the internet, I doubt very much that I could get by with such careless operation, judging by the posts I read in the Windows NGs. Until such time as security becomes a problem on OS X, I intend to continue operating in my present careless fashion. Saves a lot of hassle, all my six Macs use my same password, however even that simple password is seldom used, because all six of my Macs autoboot without _any_ password. Look on me as the canary in the coal mine. If/when I get clobbered, then others can start to worry about security. Don't hold your breath waiting though, as I figure that OS X has a run of many years yet before security becomes a problem. Meanwhile, back to my carefree daily hours of Mac web surfing. DISCLAIMER: No way am I advocating that anyone else operates in the same careless fashion as I do! Just merely demonstrating that security for me has not been an "issue" for all these years. Mark- -- As a side-note, it would be a real hassle to me if someone managed to "crack" my Mac, simply because I have "Dragon" software trained to recognize my speech when I dictate such words as "pneumonoultramicroscopicsilicovolcanoconiosis" which is an affliction caused by breathing the minute silica particles from an active volcano. Stuck with using the Vista partition on my MacBook for now, but this might change when MacSpeech upgrades their new "MacSpeech Dictate" software. (I give them a year) Would take me the better part of an hour to restore my MacBook to where it was before any major break-in. In article <noneof-607C75.02232912052008@earthlink.vsrv-sjc.supernews.net>, > > Apparently you didn't read this sentence very carefully: > > [quoted text clipped - 3 lines] > I read it very carefully, which is why I posted my lengthy > exception to your statement. The type of damage you can inflict without malware ranges from unintentionally deleting or moving otherwise-protected files to accidentally changing permissions or ownership of files that you would otherwise be unable to change. None of the scenarios involve malware, and I assure you, these kinds of things happen daily to many Mac users who run as administrator. A potential example is a recent thread in c.s.m.system where a person found a BootX file mysteriously appeared on their desktop. That person is running as administrator, and may have unintentionally allowed his BootX file to be modified and copied simply by entering his own password at a prompt. Had he been running as non-administratr, he would have gotten an additional indicator that something protected was about to be modified, because the system would not have asked for *his* password, but for an administrator's *name* and *password*. SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR > Thanks again. What (hypothetical) Stuff are we talking about? I mean > even accepting that it's possible, yea perhaps even desirable, to run > one's puter under a different account, I'm still unclear as to the > dangers posed by running as single account/owner/admin. Hypothetically, a Bad Program could install Something Nasty because you would be logged in with admin privileges. In the Real World(tm) it doesn't seem to happen, though. SignatureWoodworking links and more at http://www.woodenwabbits.com > > > Well,that's fine. I appreciate healthy dialogue, even when at times > > > ahhh, impassioned so to speak. Maybe someone could give me a thumbnail [quoted text clipped - 14 lines] > Some people 'round here feel it's a Very Bad Thing because Stuff Can > Happen, even though that Stuff is largely hypothetical. Correction: Some people feel it's simply a good idea to follow sound security practices. Let's be clear. I've never suggested the world would end if you do run as administrator. > They advocate running in a non-admin account, and entering the username > and password of an admin account when the OS asks you to. > > They feel this is the One and True Way of Secure Computing and that > everyone's Granny should be taught The Way. While some here may think such things, I'm definitely *not* one of them. SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR > > > > Well,that's fine. I appreciate healthy dialogue, even when at times > > > > ahhh, impassioned so to speak. Maybe someone could give me a thumbnail [quoted text clipped - 16 lines] > > Correction: My statement is accurate and needs no correction. > Some people feel it's simply a good idea to follow sound > security practices. Some people do. That statement is not in conflict with mine. > Let's be clear. I've never suggested the world would > end if you do run as administrator. Let's be clear. I've never suggested anyone has suggested what you seem to suggest I've suggested. > > They advocate running in a non-admin account, and entering the username > > and password of an admin account when the OS asks you to. [quoted text clipped - 3 lines] > > While some here may think such things, I'm definitely *not* one of them. Which explains why you feel no need to comment... SignatureWoodworking links and more at http://www.woodenwabbits.com > > Let's be clear. I've never suggested the world would end if you do > > run as administrator. > > Let's be clear. I've never suggested anyone has suggested what you > seem to suggest I've suggested. Well, that exchanged brightened up my dreary morning. (Dreary only in that my run didn't go as well as I had wanted it to go.) SignatureSupport the troops: Bring them home ASAP. > > Well,that's fine. I appreciate healthy dialogue, even when at times > > ahhh, impassioned so to speak. Maybe someone could give me a thumbnail [quoted text clipped - 7 lines] > reasonable way to run your computer, and nowhere in the manual does it > say anything contrary to this. While nothing about this is mentioned in the manual that comes with your Mac, Apple does recommend not running as administrator in the Mac OS X security guidelines published on their web site: <http://www.apple.com/support/security/guides/> See page 24 of the Mac OS X v10.4 (Tiger) Security Configuration Guide, for example. SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR > While nothing about this is mentioned in the manual that comes with your > Mac, Apple does recommend not running as administrator in the Mac OS X [quoted text clipped - 4 lines] > See page 24 of the Mac OS X v10.4 (Tiger) Security Configuration Guide, > for example. Right, so the point is that only someone who goes out of the way to find this information is even aware of it. It's not aimed at the typical user. To the contrary, Apple states: "To use these guides, you should be an experienced Mac OS X user, be familiar with the Mac OS X user interface, and have at least some experience using the Terminal application's command-line interface. You should also be familiar with basic networking concepts. "Certain instructions in the guides are complex, and deviation could result in serious adverse effects on the computer and its security. The guides should only be used by experienced Mac OS X users, and any changes made to your settings should be thoroughly tested." If the typical user even stumbles upon this, this passage is likely to send him away. Now, let me be clear that I have no issue with people recommending things from the guide here, but I do have an issue with making people think they aren't running their Macs properly by using them exactly as Apple lead them to by following the setup procedure that guides them when they take the computer out of the box and turn it on. Signature<http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/election.shtml> Election 2008 goods. <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude > Now, let me be clear that I have no issue with people > recommending things from the guide here, but I do have an issue with > making people think they aren't running their Macs properly by using > them exactly as Apple lead them to by following the setup procedure that > guides them when they take the computer out of the box and turn it on. Are you suggesting my form explanation is somehow worded too strongly? I'm always open to constructive criticism: The initial user account Mac OS X creates during installation is an administrator account. But running with higher privileges than needed is never a good idea. When you are logged in as administrator, everything you do, every program you run (directly or indirectly, purposefully or inadvertently) is executed with administrative privileges with access to more parts of the system than normal users. So if you make a mistake, or worse, if you unknowingly run a trojan / worm in that account, you can damage and alter critical system files with little or no acknowledgment from the system. Remember that some files in Mac OS X are owned by the "admin" group, of which the administrator account is a member. The Applications folder is just one example of such a folder. When you are logged in as administrator, Mac OS X allows you to modify these files at will. Mac OS X is designed such that you can accomplish all administrative tasks from a non-administrative account simply by entering the username and password of an administrator when prompted. So while you do need to *have* an administrator account, there's really not much of a reason to run as administrator for day-to-day use. The secure thing to do is to create an account just for administration, then remove administrator privileges from your day-to-day account. Here's how to do it: First, open and unlock the System Preferences > Accounts panel. 1. Open System Preferences. 2. Click Accounts. 3. Click the lock icon to unlock the panel (if needed). Next, create a new administrator account: 1. Click the [+] button. A new user account sheet appears. 2. If you are running Mac OS X 10.5 or later, from the New Account menu at the top, choose Administrator. 3. In the Name text box, enter a name, such as "Administrator" (without quotes). There is nothing special about this name. Just pick something you can remember. 4. In the Short Name text box, enter a short name, such as "admin" (without quotes). There is nothing special about this name. Just pick something you can remember. 5. In the Password text box, enter a secure password. If you need help creating a secure password, click the little key icon to the right of this text box, and an assistant will help you come up with a secure password. Personally, I prefer to use a phrase as my password. I try to pick phrases that contain one or two numbers or special characters, and use spaces and punctuation. The goal is to pick a password phrase that you will easily remember, and easy to type, but will be difficult to guess. 6. In the Verify text box re-enter the secure password. 7. If you are running Mac OS X 10.4 or earlier, check the "Allow user to administer this computer" checkbox. 8. Click Create Account. Next, remove administrator abilities from your normal user account: 1. Open System Preferences. 2. Click Accounts. 3. Click the lock icon to unlock the panel (if needed). 4. From the account list on the left side of the Accounts panel, highlight your normal user account name. 5. Clear the "Allow user to administer this computer" checkbox. 6. Log out for the changes to take effect. That's it. Now whenever you are asked for an administrator account's credentials, you can enter the administrator user name and associated secure password. SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR > While nothing about this is mentioned in the manual that comes with > your Mac, Apple does recommend not running as administrator in the > Mac OS X security guidelines published on their web site: > > <http://www.apple.com/support/security/guides/> "To use these guides, you should be an experienced Mac OS X user, be familiar with the Mac OS X user interface, and have at least some experience using the Terminal application¹s command-line interface. You should also be familiar with basic networking concepts. "Certain instructions in the guides are complex, and deviation could result in serious adverse effects on the computer and its security. The guides should only be used by experienced Mac OS X users, and any changes made to your settings should be thoroughly tested." Even if the average user or new Mac owner happens to stumble across that document, I think the above introduction will scare them away. SignatureSupport the troops: Bring them home ASAP. > Even if the average user or new Mac owner happens to stumble across that > document, I think the above introduction will scare them away. Are you reading my mind again, or am I reading yours? <g> Signature<http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/election.shtml> Election 2008 goods. <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude > > Even if the average user or new Mac owner happens to stumble across > > that document, I think the above introduction will scare them away. > > Are you reading my mind again, or am I reading yours? <g> I think it's more a matter of TMTA. SignatureSupport the troops: Bring them home ASAP. > > > Even if the average user or new Mac owner happens to stumble across > > > that document, I think the above introduction will scare them away. > > > > Are you reading my mind again, or am I reading yours? <g> > > I think it's more a matter of TMTA. TMTA??? none of the items in the acronymfinder seem appropriate. > > I think it's more a matter of TMTA. > > TMTA??? > none of the items in the acronymfinder seem appropriate. Two minds think alike. Usually one would use GMTA (great minds think alike) instead, but considering the two minds involved here... Signature<http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/election.shtml> Election 2008 goods. <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude > > TMTA??? none of the items in the acronymfinder seem appropriate. > > Two minds think alike. Usually one would use GMTA (great minds think > alike) instead, but considering the two minds involved here... Yeah, what you said. SignatureSupport the troops: Bring them home ASAP. > > > > Even if the average user or new Mac owner happens to stumble > > > > across that document, I think the above introduction will scare [quoted text clipped - 6 lines] > TMTA??? > none of the items in the acronymfinder seem appropriate. Typo; I meant GMTA. SignatureSupport the troops: Bring them home ASAP. > > While nothing about this is mentioned in the manual that comes with > > your Mac, Apple does recommend not running as administrator in the [quoted text clipped - 14 lines] > Even if the average user or new Mac owner happens to stumble across that > document, I think the above introduction will scare them away. The manual does contain advanced topics that a lot of people might want to avoid, but running as administrator, and creating a non-administrator account aren't what I consider to be particularly advanced topics. SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR > > Even if the average user or new Mac owner happens to stumble across that > > document, I think the above introduction will scare them away. > > The manual does contain advanced topics that a lot of people might want > to avoid, but running as administrator, and creating a non-administrator > account aren't what I consider to be particularly advanced topics. Average users, in the unlikely event that they even stumble upon the guide, are going to stop reading at the passage Michelle and I cited. They aren't going to read the whole guide and see the part about admin and non-admin accounts. Signature<http://designsbymike.net/shop/mac.cgi> Mac and geek T-shirts & gifts <http://designsbymike.net/election.shtml> Election 2008 goods. <http://designsbymike.net/shop/prius.cgi> Prius shirts/bumper stickers <http://designsbymike.net/shop/greet.cgi> Holiday cards with attitude > > > Even if the average user or new Mac owner happens to stumble across that > > > document, I think the above introduction will scare them away. [quoted text clipped - 7 lines] > They aren't going to read the whole guide and see the part about admin > and non-admin accounts. That may be, but they probably won't stop reading my posts about the subject. And I can tell you with certainty the friends and relatives whose Macs I manage and to whom I give advice don't even question it. SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR > > "To use these guides, you should be an experienced Mac OS X user, > > be familiar with the Mac OS X user interface, and have at least [quoted text clipped - 15 lines] > non-administrator account aren't what I consider to be particularly > advanced topics. That very well may be the case, but that introduction doesn't let the reader know what is advanced and what isn't. Many novices, upon reading that intro (assuming they find the document in the first place) will not bother reading any further. SignatureSupport the troops: Bring them home ASAP. > > > "To use these guides, you should be an experienced Mac OS X user, > > > be familiar with the Mac OS X user interface, and have at least [quoted text clipped - 20 lines] > that intro (assuming they find the document in the first place) will not > bother reading any further. That's an issue with the way the book is written - and has no bearing what-so-ever on whether or not running as administrator is a sound security practice. SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR > > I'm not sure what you mean by "running as administrator" or why > > that would be bad idea. Who else could be administrator? I'm the only > > one who uses this computer. > > That's part of an ongoing, um, discussion we've had for a while. He's > climbed on a soapbox and can't find his way down. Be nice. : ) SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR > Thanks for this. There is another BootX in the Core Services forlder in > System. > I'm also not sure what to do with terminal. I asked for a new command - > md5, but not sure what's supposed to happen from there. (Never used > Terminal before.) You should compare the two to see if they are identical. The 'md5' command calculates a checksum of the specified file. If both files have the same checksum, they are identical. If they have different checksums, they are not identical. Enter these command in a terminal window: md5 ~/Desktop/BootX md5 /System/Library/CoreServices/BootX Examine the checksum number reported for each one. If the numbers are the same, these files are identical and you can safely delete the one on your desktop. If the numbers are different, that means one of the files has been modified. So you'll probably want to hang onto both of them in case one of them causes problems during boot. SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR > I'm not sure what you mean by "running as administrator" or why > that would be bad idea. Who else could be administrator? I'm the only > one who uses this computer. The initial user account Mac OS X creates during installation is an administrator account. But running with higher privileges than needed is never a good idea. When you are logged in as administrator, everything you do, every program you run (directly or indirectly, purposefully or inadvertently) is executed with administrative privileges with access to more parts of the system than normal users. So if you make a mistake, or worse, if you unknowingly run a trojan / worm in that account, you can damage and alter critical system files with little or no acknowledgment from the system. Remember that some files in Mac OS X are owned by the "admin" group, of which the administrator account is a member. The Applications folder is just one example of such a folder. When you are logged in as administrator, Mac OS X allows you to modify these files at will. Mac OS X is designed such that you can accomplish all administrative tasks from a non-administrative account simply by entering the username and password of an administrator when prompted. So while you do need to *have* an administrator account, there's really not much of a reason to run as administrator for day-to-day use. The secure thing to do is to create an account just for administration, then remove administrator privileges from your day-to-day account. Here's how to do it: First, open and unlock the System Preferences > Accounts panel. 1. Open System Preferences. 2. Click Accounts. 3. Click the lock icon to unlock the panel (if needed). Next, create a new administrator account: 1. Click the [+] button. A new user account sheet appears. 2. If you are running Mac OS X 10.5 or later, from the New Account menu at the top, choose Administrator. 3. In the Name text box, enter a name, such as "Administrator" (without quotes). There is nothing special about this name. Just pick something you can remember. 4. In the Short Name text box, enter a short name, such as "admin" (without quotes). There is nothing special about this name. Just pick something you can remember. 5. In the Password text box, enter a secure password. If you need help creating a secure password, click the little key icon to the right of this text box, and an assistant will help you come up with a secure password. Personally, I prefer to use a phrase as my password. I try to pick phrases that contain one or two numbers or special characters, and use spaces and punctuation. The goal is to pick a password phrase that you will easily remember, and easy to type, but will be difficult to guess. 6. In the Verify text box re-enter the secure password. 7. If you are running Mac OS X 10.4 or earlier, check the "Allow user to administer this computer" checkbox. 8. Click Create Account. Next, remove administrator abilities from your normal user account: 1. Open System Preferences. 2. Click Accounts. 3. Click the lock icon to unlock the panel (if needed). 4. From the account list on the left side of the Accounts panel, highlight your normal user account name. 5. Clear the "Allow user to administer this computer" checkbox. 6. Log out for the changes to take effect. That's it. Now whenever you are asked for an administrator account's credentials, you can enter the administrator user name and associated secure password. SignaturePlease send all responses to the relevant news group. E-mail sent to this address may be devoured by my very hungry SPAM filter. I do not read posts from Google Groups. Use a real news reader if you want me to see your posts. JR |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.