Re: Security
Re: Security
- Subject: Re: Security
- From: Roger Howard <email@hidden>
- Date: Fri, 18 Sep 2009 15:16:13 -0700
On Fri, 18 Sep 2009 14:38:11 -0500, Luther Fuller <email@hidden>
wrote:
> My scripting activities lead me to looking into which users can open a
> sparsebundle created by another user. While doing this, I noticed
> something I don't think I like.
>
> I have two startup disks: 10.6.1 on my internal HD and 10.5.8 on an
> external FW HD.
>
> 1. A standard user on the 10.5.8 external HD can read the Home folder
> of any standard (but not admin) user on the 10.6.1 internal HD.
>
> 2. A standard user on the 10.6.1 internal HD can read the Home folder
> of any user (including admin) on the 10.5.8 external drive.
>
> Apparently, if I wanted to snoop, I could carry around an external
> 10.6.1 FW startup drive and see things you wouldn't want me to see.
If you have physical access to a machine that would allow you to boot into
an OS/volume of your choosing - like the case you suggest - then UID-based
security is an illusion. If you want to make sure your data is secure
against applications running in another instance of an OS you must use
encryption.
> Do you see a bug here?
Nope, it's the way things work.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
AppleScript-Users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
Archives: http://lists.apple.com/archives/applescript-users
This email sent to email@hidden
| References: | |
| | >Security (From: Luther Fuller <email@hidden>) |