Apple Posts Leopard Security Guide, 2nd Edition

Analysis

Archives
Readers' Pick: Apple's Cash on Hand vs. Microsoft

January 21st, 2009 at 12:40 PM - Opinion by John Martellaro

Apple posted the second edition of its "Mac OS X Security Configuration for Version 10.5 Leopard" on Tuesday. The guide provides system administrators with detailed guidance on how to secure a Mac OS X system in order to comply with corporate or government security policies. However, it is also a useful -- and sobering -- introduction to hardening Mac OS X for the user who wants to take the next step in securing a Mac.

The new security guide is listed, along with other security guides for Leopard Server as well as Mac OS X Tiger and Panther. The 2nd edition for Leopard client is 260 pages.

One section that may be of interest is the security auditing process associated with the Common Criteria certification process. The Apple Security Guide introduces this in chapter 13. Essentially, the auditing process provides for extensive logs, which can be parsed, and which document a wide range of user activity in a controlled environment. For example, a sysadmin might want to know which users have tried to use the "sudo" command and when.

While the guide is aimed a UNIX sysadmins who are experts on the command line -- insofar as understanding the implications of the changes they make, the document is also interesting reading for those who want to learn more about Mac system security in general. One warning here, and Apple makes it clear, it's possible to really bork up a Mac OS X system by trying things on the command line without an understanding of UNIX fundamentals. In this regard, for novices, reading and learning are good, mucking around not so much.

Sec Guide -1

Sec Guide-2

Sample from Leopard Security Guide

One change discovered from the first edition was the procedure for setting the global umask. However, Apple hasn't published a list of changes from the 1st to the 2nd edition. This is something that's worth doing, and it's been suggested to Apple.

Commenting is not available in this section entry.

Recent Headlines - Updated November 10th

Tue, 1:35 PM: Analysis - How the TMO Staff Members Use Their iPhones, Part I of II
11:45 AM: Product News - Microsoft Office 2008 12.2.3 Addresses Security Flaws
11:18 AM: Product News - OWC Axes Axiotron Modbook Prices by $500
10:39 AM: Hot Forum Topic - Multi-drive Data Shuffle
9:59 AM: News - Google Offers Up Free Wi-Fi for the Holidays
9:34 AM: Product News - MiniMail 2 Adds Snow Leopard Support
8:58 AM: News - AT&T: iPhone Tethering Really is Coming… Eventually
8:16 AM: News - Apple Releases Security Update 2009-006 for Leopard, Snow Leopard
Mon, 7:20 PM: Rumor - Apple May Update iPod touch in December
6:45 PM: Product News - MacUpdate Desktop Updated to 5.0.1 with New Features, Bug Fixes
5:16 PM: News - Apple Releases Mac OS X 10.6.2 - Guest Account Bug Fixed, Much More [Updated]
4:12 PM: Games - New For iPhone: Star Rangers, Air Force Supremacy, Blood Beach, More

The Mac Observer Reader Specials

TypeStyler For Mac OS X is Now Shipping! Download The Free Fully Functional 60 Day Tryout at www.typestyler.com
RamJet Memory: Mac Pro 8-core 8GB Kit $199.99, 4GB Kits $109.99! Sale on MacBook and MacBook Pro 8GB kits $549.99! New MacBook DDR3 2GB for $49.99. iMac and Mac mini 4GB Kits for $79.99! 1TB SATA Hard Drives for $109.99! Click here
OWC: We Make DIY Upgrading Easy! Maximize your Apple MacBook / MacBook Pro. Up to 8.0GB Memory, up to 1.0TB HD & More. Easy Guide + Free, Detailed Installation Videos. Click here
If you're using a Mac, then you've gotta check out Full Tilt Poker for Mac. This Full Tilt Poker bonus code does the unthinkable, it actually rewards!
For the latest Apple products use Ciao, a price comparison website, to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate mobile phones like the Apple iPhone.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.

Apple Stock Quote

AAPL: $202.78. Change: +1.32.
(Prices delayed up to 20 minutes.)
Discuss in our Apple Finance Board

Hot Topics

What's the buzz? These articles have TMO readers talking.

Psystar to Court: Just Say We’re Legit - 27 Comments
Apple Magic Mouse is no Magic Bullet - 18 Comments
AT&T Sues Verizon Alleging Misleading “There’s A Map For That” Ads - 18 Comments
CNET Dubs iPhone the Worst Phone in the World - 17 Comments
Fortune CEO of the Decade: Steve Jobs - 14 Comments
Apple May Update iPod touch in December - 12 Comments

TMO Express

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday. Find out more!

Top Deals From DealBrothers.com

Recent Features

Get the latest installments of TMO Columns, Podcasts, & Blogs.

© The Mac Observer, Inc. -- All rights reserved. All information presented on this site is copyrighted by The Mac Observer, Inc. except where otherwise noted. No portion of this site may be copied without express written consent. Other sites are invited to link to any aspect of this site provided that all content is presented in its original form and is not placed within another frame. The Mac Observer is an independent publication and has not been authorized, sponsored, or otherwise approved by Apple, Inc.