OMG!!!!!

Previously in uk.comp.vendors, Peter Hayes said:
As for Macs ... so are they!

When I do something like install an app I'm asked for the root password,
and that's how it should be.

Indeed, the grandfather post is confused. You run as an ordinary user ID
under OS X, and it prompts you for a password to elevate your
permissions (via sudo) when it needs to access system files, e.g. when
running installation routines for drivers and suchlike. In fact, you
can't even have a proper root account without some jiggery pokery, as
it's thoroughly disabled by default.

--
"Deserves death! Ah, I daresay he does. Many that live deserve | -=R=-
death. And some that die deserve life. Can you give that to them? |web: http://
Then be not too eager to deal out death in the name of justice, |fscked.co.uk
fearing for your own safety. Even the wise cannot see all ends." |icq:66545073

Richard Gaywood wrote:

Previously in uk.comp.vendors, Peter Hayes said:
Linux and OS X have at least some safeguards against idiots clicking on
executables, firstly the user will likely have to chmod +x if
permissions allow, then the malware will only affect their own files and
not corrupt other users and system files. Unless they're daft enough to
do it as root when they'll get all they deserve.

I hear this argument a lot and I don't actually give it any credence. If
I got a virus that blew away /home/rich, I'd be devestated; by
definition, almost all of the files that I care about are under there,
and I have write permissions to them when running as myself. True, other
people's files would be safe, but that doesn't bring my files back...
and true, everything under /usr would be safe, but I could apt-get that
back at any moment anyway.

You do create backups, don't you?

But I agree it wouldn't be a very pleasant experience.

--

Peter

Previously in uk.comp.vendors, Peter Hayes said:
Richard Gaywood wrote:
I hear this argument a lot and I don't actually give it any credence. If
I got a virus that blew away /home/rich, I'd be devestated; by
definition, almost all of the files that I care about are under there,
and I have write permissions to them when running as myself. True, other
people's files would be safe, but that doesn't bring my files back...
and true, everything under /usr would be safe, but I could apt-get that
back at any moment anyway.

You do create backups, don't you?

Yes, but that's hardly pertinent when discussing different OSs. Although
at least I can script backups much easier under Linux.

--
"Ah yes, uk.misc where men are men, women are women and small furry| -=R=-
things from Alpha Centauri say `don't shpxvat top-post here, you |web: http://
brainless phag'" [ROT13]|fscked.co.uk
-- Chris Eilbeck in |icq:66545073

"Peter Hayes" wrote in message
news:1g87s9m.1lddws9ombrbwN%
I believe it was Lindows that did this stupid thing, but all the
mainstream distros include a user setup page as part of the installation
dialogue. If I log in as root on my SuSE 8.2 installation I get a bright
red background with "bombs" which helps to remind me of the dangers in
runing as root.

Well granted, it's a pity XP doesn't do that. However at least it asks you
to create a few accounts when you first set it up. I think it joins them to
the local admin group though - can't remember, normally setup XP on a
domain! The "run-as" option goes a good bit of the way towards providing
the option of running unprivaliged and auto-prompting when admin is needed.

As for Macs ... so are they!

When I do something like install an app I'm asked for the root password,
and that's how it should be.

Perhaps the guy who setup our new Panther installs did it badly then, all
the logins are fully admin.

I take it you don't like OS X?

No, I hate it!! Looks nice, piece of badly thought out crap as usual from
Apple. BTW, can anyone shed any light as to why they can't allow for more
than a 7 character password? In this day and age how is that meant to be
anything but laughable in a domain environment?


a

"al" wrote in message
...
"Peter Hayes" wrote in message
news:1g87s9m.1lddws9ombrbwN%

No, I hate it!! Looks nice, piece of badly thought out crap as usual from
Apple. BTW, can anyone shed any light as to why they can't allow for more
than a 7 character password? In this day and age how is that meant to be
anything but laughable in a domain environment?



You can create a very strong password with "just" 7 characters as long as
you use a few extended characters outside the normal a-z, 0-9 range.

--
Fik

"Fik" wrote in message
-
You can create a very strong password with "just" 7 characters as long as
you use a few extended characters outside the normal a-z, 0-9 range.


Rubbish - it's not good enough. The fact of the matter is most create
longer passwords and when they move from their PC to the crappy Mac it won't
work. It's second rate ... like most things on a Mac. Also, I know of
quite a few password policies with 8 characters or more as a requirement
these days.



a

al wrote:

"Fik" wrote in message
-
You can create a very strong password with "just" 7 characters as long as
you use a few extended characters outside the normal a-z, 0-9 range.


Rubbish - it's not good enough.

Really? There are 94 printable characters from ASCII 33 - 126 (I've
excluded 32, SPACE, since it is probably invalid in a password) which
gives 94^7 or 64,847,759,419,264 possible passwords.

The fact of the matter is most create
longer passwords and when they move from their PC to the crappy Mac it won't
work. It's second rate ... like most things on a Mac. Also, I know of
quite a few password policies with 8 characters or more as a requirement
these days.



a

Parish wrote:

al wrote:

"Fik" wrote in message
-
You can create a very strong password with "just" 7 characters as long as
you use a few extended characters outside the normal a-z, 0-9 range.


Rubbish - it's not good enough.

Really? There are 94 printable characters from ASCII 33 - 126 (I've
excluded 32, SPACE, since it is probably invalid in a password) which
gives 94^7 or 64,847,759,419,264 possible passwords.


Caveat: Assuming that passwords are case-sensitive on Macs; if not then
it's 68^7 or 6,722,988,818,432

The fact of the matter is most create
longer passwords and when they move from their PC to the crappy Mac it won't
work. It's second rate ... like most things on a Mac. Also, I know of
quite a few password policies with 8 characters or more as a requirement
these days.



a

"Parish" wrote in message
...
Really? There are 94 printable characters from ASCII 33 - 126 (I've
excluded 32, SPACE, since it is probably invalid in a password) which
gives 94^7 or 64,847,759,419,264 possible passwords.


Caveat: Assuming that passwords are case-sensitive on Macs; if not then
it's 68^7 or 6,722,988,818,432


The sad reality between sitting at home working out stuff like that and
actually working in the security field is that you have to deal with
reality. People choose crap passwords. Therefore if they have to be under
7 characters (and I seriously hope no password policies allow less than 5!)
then it's harder to think of something that fits and it will be an easy word
(how many people use the complexity mask in password policies?). Therefore
easy to guess/crack. Longer passwords at least mean that it's harder to
crack even when it's not too complex a password.

You and I might be part of that 0.5% that make a secure 7 character
password. Everybody else isn't! Therefore it's not a good idea. Plus, I
don't know why we're even discussing this - it's just plain dumb to have
such an idiotic limit in a modern OS!! WTF were they thinking!?


a

Previously in uk.comp.vendors, al said:
"Peter Hayes" wrote in message
news:1g87s9m.1lddws9ombrbwN%

I take it you don't like OS X?

No, I hate it!! Looks nice, piece of badly thought out crap as usual from
Apple.

I disagree, but we're all different.

BTW, can anyone shed any light as to why they can't allow for more
than a 7 character password? In this day and age how is that meant to
be anything but laughable in a domain environment?

My iBook's user account has an eight character password. Furthermore,
all eight characters count; you can't just enter the first seven at the
login prompt. This was the case under 10.2.X and is still the case under
10.3.X.

So what are you on about?

--
"Like any case mod, this one takes a bit of polish to finish it off| -=R=-
so it looks neat. For this one I used a 4 pound hand-sledge, just |web: http://
for that near-OEM look." |fscked.co.uk
-- http://www.2cooltek.com/case001.html |icq:66545073