Thursday, January 26, 2023

Standard Mac User Accounts

Howard Oakley:

There are a few unexpected features that aren’t available to the normal user, of which the most irksome is accessing the log.

[…]

A traditional argument in favour of running as a normal user is that it separates your data from the system, and from other users. Thankfully, in all recent versions of macOS, you don’t need this any more: macOS is tucked away on a read-only snapshot on your System volume, and Privacy & Security work just the same whether you’re an admin or normal user.

[…]

All built-in macOS security protection applies equally to all users, regardless of their privileges.

Even with an admin account, I get prompted for my password all the time. So, these days, it seems like standard accounts are mostly useful for when the administrator is a different person from the user, who is to be prevented from changing settings or installing certain software. The old recommendation—which I didn’t follow—of having the administrator use a standard account most of the time makes even less sense now.

4 Comments

On a Personal Computer in the Personal sense, the most important stuff are your documents, your emails, your contacts and other personal items, all of which are accessible regardless of whether you run as Admin or not. A regular user essentially has "root access" to all that matters to that user. And so running as a "regular user" does little to protect all of this if a bad actor gets in, and the focus should be on preventing any external access.

Servers are a very different scenario. By definition they allow outsiders in. They contain data for several or many users or services. Here access partitioning makes sense: restricting each user/service to the minimum they need to access protects other areas of the system.

I can't definitively confirm it's still the case, but the big reason I always set up an Admin account on a new Mac (even if I virtually never use it) is from the prior understanding that the first account created on a new Mac is the bona fide "owner" of the Mac, and very little short of completely wiping the hard drive and starting completely over can undo that. I've known people try to give someone else their used Mac and because the only (or original) user account was themself as an Admin, they couldn't delete that account even after making a new account for the new person and making it an Admin. The original account was there permanently. But by making the first account Admin and not doing anything personal on it, it's easy to delete normal user accounts and create new ones if a Mac transfers to another person.

They are still good in the case where the Mac is being used by your parent while you can only provide tech support over the built-in Screen Sharing.

> On a Personal Computer in the Personal sense, the most important stuff are your documents, your emails, your contacts and other personal items, all of which are accessible regardless of whether you run as Admin or not. A regular user essentially has "root access" to all that matters to that user. And so running as a "regular user" does little to protect all of this if a bad actor gets in, and the focus should be on preventing any external access.

Which is why Apple has increasingly relied on other moats, such as sandboxing and TCC. User-based permissions have become increasingly silly, especially since most systems only have a single user anyway.
