Posts Tagged ‘Desktop Management
Securing SSH on Mac OS X by limiting who can log in
This post will describe two different methods for securing SSH that work on both Tiger and Leopard (client or server). These tips can be done as needed on machines that will have ssh enabled, or as part of your deployment image(s). Personally, I make these changes to our images because if a machine is bound [...]
Adobe Flash 10 Installer launches Finder as root
Several web sites have begun requiring Flash 10 to play their content. This is partially because the PC version of Flash 9 had some security problems that I won’t get into here.
The good news:
Adobe provides their Mac version as a package installer.
The bad news:
Leopard – Keeping the Guest Account Disabled
Much has been said about the new Guest account in Leopard, and how it’s not as simple and secure as Apple makes it sound.
The Lame LeopardTuttle SVC
I think this is a good feature for what Apple probably intended, at home for friends and family members to “borrow” your Mac. But in a higher education environment, [...]
Launchd Video – From the creator of launchd
One of the most misunderstood items in Tiger is launchd which basically replaces inetd, xinetd, cron and at. It’s enough to drive a Unix admin mad. This video is a presentation of launchd by its creator at Apple and he talks about the changes coming in Leopard.
Mac OS X 10.4.10 Unnessesarily replaces sshd_config
It looks like Apple did a very unpleasant modification in the 10.4.10 update. They outright replaced the /etc/sshd_config for a tiny bit of “tidying up” of the GSSAPI section.
Before 10.4.10:
# GSSAPI options#GSSAPIStrictAcceptorCheck yes#GSSAPIKeyExchange yes
# GSSAPI options#GSSAPIAuthentication yes#GSSAPICleanupCredentials yes
After 10.4.10:
# GSSAPI options#GSSAPIAuthentication yes#GSSAPICleanupCredentials yes#GSSAPIStrictAcceptorCheck yes#GSSAPIKeyExchange yes
Now was it really necessary to replace the file? On our [...]
