36 Comments

Summary:

My Powerbook’s hard drive died last summer, so when I rebuilt it I set up three users, one as the “Super Duper All Powerful” User, and one for my day job (“mike-work”) and one for my personal stuff (“mike-home”). The Admin user is only used for […]

UsersMy Powerbook’s hard drive died last summer, so when I rebuilt it I set up three users, one as the “Super Duper All Powerful” User, and one for my day job (“mike-work”) and one for my personal stuff (“mike-home”). The Admin user is only used for system upgrades and installing software. I don’t have to worry about any kind of rogue software that I run doing bad things to the entire system, just the one user. I use Retrospect to keep things backed up to my iMac. This setup worked very well.

Well, I’m no longer working for the non-profit I used to work for. I’m now a stay-at-home contractor, and loving it. Which means I don’t need two separate work and home accounts. I’m wondering if I should re-install my computer with only one user, and run everything as the Super Duper All Powerful User, or if I should have the admin user, and one account that is for my day to day usage. While the security of using a non-admin user for daily tasks is important, the loss of convenience is a bit of hassle. I’d love to hear the thoughts of other Mac users and experts out there about the balance of security and convenience.

You’re subscribed! If you like, you can update your settings

  1. There is no way you should ever use the root account (your super duper all powerful guy :) ) as your day to day login. It’s good practice to only use it when needed.

  2. The Mac default of having your day-to-day user be an admin account has all the power of Unix, and all the stupidity of Windows.

  3. Always keep one user as a “virgin” account. pure as the day the computer was uncrated. Your regular account can als obe the Admin account…ie the one that authorizes installation of programs. You can then choose to install “other” software only for this user. The “virgin” account only runs software that came with the machine. this way yo ucan tell if the problems you may be having has to do with recent installed apps or utilities etc.

  4. Um…

    An administrative account is not a root account. You still get asked for a password nearly every time that you do anything that you would have to sudo as an ordinary user at the command line (the only exceptions that I can think of being read and write privileges in, e.g., the Applications folder). Mac doesn’t even let you be root. It just lets you grant or deny sudo power to an account. What’s the harm in having that account also be your work account?

    It’s easy to go around calling people stupid, but it would be _helpful_ to us ordinary, stupid people examples and explanations in response to their questions, right? Exactly what is the risk that you run by doing your work (email, word processing) in an account with sudo privileges? Are you afraid that you’ll accidentally open terminal.app and type sudo rm -r * and then your password?

    The only problem with this approach that I can think of is if you enable ssh (off by default) and do something that will allow people to guess the name of your admin account, which would give them a target for a dictionary attack. Which will fail, unless you have a bad password.

    What am I missing?

  5. Theres no need to be root for any day to day usage.

    Login as yourself (normal guy) and when something needs admin/root access it will ASK for it.

    I am a unix guy, and I know what i’m doing around the shell, and I dont even use root unless what I need to do can’t be done as me. Ok I don’t use ‘sudo’ cos I enabled the root account, but generally you shouldn’t do this.

  6. Oh, yeah, one thing that I didn’t mention is that an admin account can change preferences through the GUI (including sharing preferences, account preferences, etc.) without having to retype the password. So if someone has physical access to your computer, and you leave it logged in to an admin account and unattended, they could do malicious things like add an account that they would have access to and change your firewall settings, without having to unlock preferences. I don’t see that being a problem in the scenario described above, but it would be something to consider in a work setting.

  7. vanni – interesting approach, although I have heard reports of issues with some applications when they are installed in home folders. Is that what you are doing, or are you limiting access to applications in the /Applications folder through the accounts management tool?

  8. I created a separate admin account (not named admin) and removed admin privileges from my user account. When I do something that requires admin privileges I have to type the name of the admin account as well as the password rather than just typing the pwd. Some apps, like Adobe CS2, won’t let you check for updates unless you login as an admin.

    Minor inconveniences but worth it for the extra peace of mind.

    I also have Secure VM and FileVault turned on, and I have super-long and complex passphrases.

  9. On the subject, you don’t need to enable the root account to get a root shell. I only do this when I absolutely have to (which is round about never)…

    sudo -s

  10. root!=admin account on osx, unix weenies.

Comments have been disabled for this post