W/o some extra frobbing of permissions, all the Applications (in/Applications) are world writeable by users in the 'admin' group.
That's some contradicting terms there. "world writable" of users in the 'admin' group. World (aka 'other') writable permissions mean those NOT in the group or user ownership perms.
The first user in macosx is in the 'admin' group. Unless you make a 2nd user for yourself, you can basically overwrite anything in the Applications folder.
While true, it still keeps the system safe. You can blow away applications, but you can still boot and get into the system. Effectively, despite screwing up the applications, the system has not been compromised by the default "admin" user.
That same user is also in the sudoers list, and thus could wipe everything out, but it's not something most people will be able to easily do.
Installing Mozilla and many other apps that do not require system file changes do not require root. Many basic apps are in.app bundles and do not have files beyond that.
Basic application install into home directories obviously do not require more than the user's permissions.
Installing to the/Applications folder does require a user that is in the admin group. A non-admin user cannot write files to/Applications. It does not require the additional step of actually logging in as root.
Installing files that are owned and controlled only by root (system files, etc), require a sudo login (ie. root uid execution).
The default *nix permissions used on MacOS X are pretty decent.
One of the keys to the permissions though is not that anyone can install an app (ie to their home directory), but that if they did, when they run the app, their user (and this apps they run) still doesn't have any ability to damage the system.
What annoys me is that this stupid TROLL of a post made it to the front Apple page. I knew slashdot was going down a bit in quality, but this is just freakin' rediculous.
I was going to post pretty much the same. Although, I would have more specifically pointed out that by time Longhorn actually DOES release, Apple will have likely released at least 3-4 minor revisions to Panther, and quite possibly be on the NEXT major release of OSX.
As far as I can tell Longhorn is still mostly a bunch of broken ideas. So its IDEAS might be more impressive technically. But apparently there are problems with making those ideas a reality, as is often the case when some marketing shmoe oversells the abilities of a product, both before consulting with the engineers to see what is even possible, and before the product has been researched fully. I expect that many if the marvels of Longhorn will never see the light of day, and it will be a POS as many of the Windows releases have been.
And when it comes down to it, technical impressiveness isn't what sells it. Microsoft knows that. It's what it can do for people who don't give a rats ass about how impressive it is technically. And that's where MacOS X does things well. Hell, I actually have a Windows Systems Engineer (15-20 years of experience) wanting a Mac because of a small handful of VERY useful features and abilities I showed him.
Yeah, it is a little bit much... but you know... once I got mine, I can't imagine not having one. ALL of my music is in it. Granted, I only have about 3-4 days of continuous music... but I also have another 10 gigs free for expansion.
Only for the next revision. The following Windows release will find a way to bloat itself to the point that even that processor starts to feel slow... just to browse the web.;)
Well, you also need to subtract operations costs. They have to pay for server maintenance, bandwidth, credit card charges, taxes (they eat the cost of these). The actual profit is probably fairly small. I'd venture to say closer to $0.05/song, if that.
They've made no secret that iTMS for Windows is a little like a Trojan horse, to boost branding and sales of iPods and possibly Macs. I think they make a small profit though that, in Volume can be significant. Also, they're likely to increase the profit margin with volume, as they should be able to centralize and reduce overhead.
The keys must be locked to the computer somehow (a la activation) and Apple will only issue you 5. If you want to move your music from one machine to a new one and don't have a spare key, then you need to de-authorize one computer freeing the key so that you can authorize the new one.
Actually, you can only authorize "3" computers. Many people seem to be confusing the number of machines you can share ANY music with simultaneously with the number of machines you can have authorized to play Purchased Music. 3 machines can be authorized for Purchased Music at any time (de-authorizing one will allow authorizing another). 5 machines can access music shared by another machine, on the local network, at any one time. Not too bad a limitation, since more than that will kind of start to cause bandwidth to crawl anyway.
Just clarifying.
Authorizers Computers Limit: 3 Local Simultaneous Shares: 5
You are mistaken. When you "logged in" to iTMS, you actually authorized that machine. The button you clicked said "authorize". Purchased Music can ONLY be played on an authorized machine.
Authorization is NOT needed for sharing with other users. However, if you want to play shared song that was Purchased, you must have that machine be authorized.
The 5 computers thing is a restriction on the number of machines you can authorize to play DRMed music. You can share your own rips with as many on the local network as you like.
Incorrect. The DRM authorization is limited to 3 machines. 5 machines on a local network is the limit for the number of simultaneous "connections" you can have for sharing. Of course, this is not much of an issue, since even 5 machines pulling streamed music off your poor boxes network card, can start to affect quality.
Also, speaking as a Mac user (as of 2.5 years ago, with OS X), I'd like to point out that Rendezvous is NOT something Apple just cooked up on their own, as the original post/review suggests. Rendezvous is Apple's renaming of a more standards based technology, called Zeroconf. Zeroconf was cooked up in the *nix world. Very nice technology.
And for you Windows users who don't see the potential... imagine printers, shares, IM, Tivo (yes, they are doing it too), just showing up as available because it's on your local network. Rendezvous (as Apple calls it), TRULY makes network interaction and access PLUG and PLAY. I stick want to kick my Windows machines when they don't even recognize EACH OTHER's printer shares (XP to XP).
The first program _I_ opened when I got my Mac (switched 2.5 years back), was Terminal. It made everything feel right.:) heh It was a heck of a lot easier to see what was under the hood and how the system worked. Then I explored more with the GUI's to see what they did.:)
What default option? He was ASKED if he wanted to do it and said yes. I remember that question as well during installation, and said NO. I had no such problems.
Yeah, it's such a pain in the ass to use the iTunes interface to select the songs you want to work with manually, and drag then to your "manual" folder.
Also, the feature that moves your files had to be turned on explicitly when I went through the installation.
No, it's $259,000,000. Unlike the byte, Mega dollars convert in powers of 10. I think bits/bytes may be the only things I know of that uses 2^10 steps, instead of standard metric increments.:)
My way, create a.tcshrc file in your home directory (yes, it begins with a dot), and have that file contain a line with:
source/usr/share/tcsh/examples/rc
The instructions I read say something about creating an ~/init/tcsh directory and putting links, and blah blah blah... Didn't seem to need it myself. And when I looked through the real rc, all seemed well. The article I read a while back also had incorrect paths for that examples directory, so what do they know.;) (maybe they fixed that now)
I believe there was a minor bug (annoying but not problematic) in the/usr/share/tcsh/examples/aliases file. Something to do with TERM_PROGRAM. In mine I think I commented out the following lines (but not sure if I did that):
#if ("$TERM_PROGRAM" == "Apple_Terminal") then # alias settermtitle 'echo -n ""' #endif
I was used to bash as well, and still use it as my default on my work accounts. However, I allowed myself to get used to tcsh, AND Apple's configurations for it (eventually disabled by default in 10.2, I think). Once I got used to how they configured tcsh, I was rather content to use it. When they removed the configurations that made tcsh behave as it did in earlier versions of OS X, I was annoyed, and immediate found out how to turn those back on.
So, as long as they offer an option with some nice configurations with bash, then I'm all for it. And I DON'T want to have to configure it myself. I simply don't have the time or patience. IF tcsh actually goes away, they better port the enhancements to bash... that's all I gotta say.
Well, I do too. 2 PB's (one from work) and a PowerMac. I also have 3 servers at home running Linux.
My point though, is that my parents don't (yet!). And THEY'RE the ones I need to support. It has nothing to do with what I run, just what THEY run. But I'm working on it!
Amen! I have been trying to get my mom and her boyfriend to get a Mac. I got them setup with Wireless at home. I setup their laptop to work wirelessly (Running Windows 98... old one), and I support them and their XP desktop (*sigh*). When it came time to get a new laptop, they went the XP route (Compaq). While I think Compaq has some nice machines, it's been nothing but a nightmare in dealing with XP and its "intellegent" handling of the wireless network.
I am still pushing for them to get an iBook. I endlessly tell them how much nicer most of their tasks would be. How much less risk they will have of viruses, etc. At least I don't let them use Outlook.
So, the way I see it... as a 20-something (can still barely claim that) year old guy it's a wise choice to promote OS X with family members. It will seriously cut down on your overall cost of support time and generally annoying phone calls. I've almost got my dad convinced that a Mac will be his next computer. His friend concurs it's the right choice for him. Wish me luck! I need to cut down on this support overhead!
Just glad I grabbed $1000 of AAPL on the recent down swing. I expect it will go up a pretty good amount over the next 6 months or so. G5 numbers will come in, and then Windows iTMS (which I wish they would release sooner if possible).
1. You could sell your soul and buy into the MS music store when available.
2. You could wait a few months and enjoy Apple's service when it's available.
Fortunately, I both have a Mac (2 years convert) and live in the US. It's not like a few months is going to kill you. You went your whole life without online music stores of this nature. A little more patience might pay off. And from what I'm constantly reading, Europe isn't too happy with MS lately, either, with all the law suits popping up.
I have thought this since I first signed up on the site. A user should have a little more control over their "friend network". It would be nice to have the ability to set the "degrees" of separation yourself (with a site max of course). Also, after using the site for a while, I realize it would also be nice to have exclusions, such that if a connection has to route through someone I've excluded from my network then either another path must be found, or that connection is not made.
Not sure how that would work with the algorithms though. It could be kind of difficult to include those exclusions and keep performance (not that the site performs well now).
I think it would also create interesting "subnetworks". I'm guessing that the fakesters would end up being in isolated networks, while people interested in using the site for the "proper" purposes (defined by the site policies) would be far less affected.
By tone, I get the feeling you are in disagreement with me somewhere, but I'm not quite sure, since I agree with pretty much all you said.
As for reconfiguring Mail.app? Why? I have all my SMTP servers configured at once, and if one fails, it prompts for the one to use. Personally, I think the default mail server of Mail.app should be tied into the network "Location". Actually, there are a few things that I think ought to be tied to the location.
Slashdot Mirror
W/o some extra frobbing of permissions, all the Applications (in /Applications) are world writeable by users in the 'admin' group.
That's some contradicting terms there. "world writable" of users in the 'admin' group. World (aka 'other') writable permissions mean those NOT in the group or user ownership perms.
The first user in macosx is in the 'admin' group. Unless you make a 2nd user for yourself, you can basically overwrite anything in the Applications folder.
While true, it still keeps the system safe. You can blow away applications, but you can still boot and get into the system. Effectively, despite screwing up the applications, the system has not been compromised by the default "admin" user.
That same user is also in the sudoers list, and thus could wipe everything out, but it's not something most people will be able to easily do.
-Alex
Installing Mozilla and many other apps that do not require system file changes do not require root. Many basic apps are in .app bundles and do not have files beyond that.
/Applications folder does require a user that is in the admin group. A non-admin user cannot write files to /Applications. It does not require the additional step of actually logging in as root.
Basic application install into home directories obviously do not require more than the user's permissions.
Installing to the
Installing files that are owned and controlled only by root (system files, etc), require a sudo login (ie. root uid execution).
The default *nix permissions used on MacOS X are pretty decent.
One of the keys to the permissions though is not that anyone can install an app (ie to their home directory), but that if they did, when they run the app, their user (and this apps they run) still doesn't have any ability to damage the system.
-Alex
What annoys me is that this stupid TROLL of a post made it to the front Apple page. I knew slashdot was going down a bit in quality, but this is just freakin' rediculous.
-Alex
I was going to post pretty much the same. Although, I would have more specifically pointed out that by time Longhorn actually DOES release, Apple will have likely released at least 3-4 minor revisions to Panther, and quite possibly be on the NEXT major release of OSX.
As far as I can tell Longhorn is still mostly a bunch of broken ideas. So its IDEAS might be more impressive technically. But apparently there are problems with making those ideas a reality, as is often the case when some marketing shmoe oversells the abilities of a product, both before consulting with the engineers to see what is even possible, and before the product has been researched fully. I expect that many if the marvels of Longhorn will never see the light of day, and it will be a POS as many of the Windows releases have been.
And when it comes down to it, technical impressiveness isn't what sells it. Microsoft knows that. It's what it can do for people who don't give a rats ass about how impressive it is technically. And that's where MacOS X does things well. Hell, I actually have a Windows Systems Engineer (15-20 years of experience) wanting a Mac because of a small handful of VERY useful features and abilities I showed him.
-Alex
Yeah, it is a little bit much... but you know... once I got mine, I can't imagine not having one. ALL of my music is in it. Granted, I only have about 3-4 days of continuous music... but I also have another 10 gigs free for expansion.
-Alex
Only for the next revision. The following Windows release will find a way to bloat itself to the point that even that processor starts to feel slow... just to browse the web. ;)
-Alex
can this new, fancy processor increase the speed at which my porn loads and is displayed??? ;)
-Alex
Hmmm... Lenox mall. I haven't heard that in years. They didn't have Apple Stores back then. :)
-Alex
Well, you also need to subtract operations costs. They have to pay for server maintenance, bandwidth, credit card charges, taxes (they eat the cost of these). The actual profit is probably fairly small. I'd venture to say closer to $0.05/song, if that.
They've made no secret that iTMS for Windows is a little like a Trojan horse, to boost branding and sales of iPods and possibly Macs. I think they make a small profit though that, in Volume can be significant. Also, they're likely to increase the profit margin with volume, as they should be able to centralize and reduce overhead.
-Alex
The keys must be locked to the computer somehow (a la activation) and Apple will only issue you 5. If you want to move your music from one machine to a new one and don't have a spare key, then you need to de-authorize one computer freeing the key so that you can authorize the new one.
Actually, you can only authorize "3" computers. Many people seem to be confusing the number of machines you can share ANY music with simultaneously with the number of machines you can have authorized to play Purchased Music. 3 machines can be authorized for Purchased Music at any time (de-authorizing one will allow authorizing another). 5 machines can access music shared by another machine, on the local network, at any one time. Not too bad a limitation, since more than that will kind of start to cause bandwidth to crawl anyway.
Just clarifying.
Authorizers Computers Limit: 3
Local Simultaneous Shares: 5
-Alex
You are mistaken. When you "logged in" to iTMS, you actually authorized that machine. The button you clicked said "authorize". Purchased Music can ONLY be played on an authorized machine.
Authorization is NOT needed for sharing with other users. However, if you want to play shared song that was Purchased, you must have that machine be authorized.
This is the way it works.
-Alex
The 5 computers thing is a restriction on the number of machines you can authorize to play DRMed music. You can share your own rips with as many on the local network as you like.
Incorrect. The DRM authorization is limited to 3 machines. 5 machines on a local network is the limit for the number of simultaneous "connections" you can have for sharing. Of course, this is not much of an issue, since even 5 machines pulling streamed music off your poor boxes network card, can start to affect quality.
Also, speaking as a Mac user (as of 2.5 years ago, with OS X), I'd like to point out that Rendezvous is NOT something Apple just cooked up on their own, as the original post/review suggests. Rendezvous is Apple's renaming of a more standards based technology, called Zeroconf. Zeroconf was cooked up in the *nix world. Very nice technology.
And for you Windows users who don't see the potential... imagine printers, shares, IM, Tivo (yes, they are doing it too), just showing up as available because it's on your local network. Rendezvous (as Apple calls it), TRULY makes network interaction and access PLUG and PLAY. I stick want to kick my Windows machines when they don't even recognize EACH OTHER's printer shares (XP to XP).
-Alex
That's an ssh session, thank you very much! :P ;)
:) heh It was a heck of a lot easier to see what was under the hood and how the system worked. Then I explored more with the GUI's to see what they did. :)
The first program _I_ opened when I got my Mac (switched 2.5 years back), was Terminal. It made everything feel right.
-Alex
What default option? He was ASKED if he wanted to do it and said yes. I remember that question as well during installation, and said NO. I had no such problems.
-Alex
Yeah, it's such a pain in the ass to use the iTunes interface to select the songs you want to work with manually, and drag then to your "manual" folder.
Also, the feature that moves your files had to be turned on explicitly when I went through the installation.
-Alex
No, it's $259,000,000. Unlike the byte, Mega dollars convert in powers of 10. I think bits/bytes may be the only things I know of that uses 2^10 steps, instead of standard metric increments. :)
-Alex
Aww man! You're gonna make me think? You can find it in Apple's help knowledge base.
1 07 106
.tcshrc file in your home directory (yes, it begins with a dot), and have that file contain a line with:
/usr/share/tcsh/examples/rc
;) (maybe they fixed that now)
/usr/share/tcsh/examples/aliases file. Something to do with TERM_PROGRAM. In mine I think I commented out the following lines (but not sure if I did that):
http://docs.info.apple.com/article.html?artnum=
My way, create a
source
The instructions I read say something about creating an ~/init/tcsh directory and putting links, and blah blah blah... Didn't seem to need it myself. And when I looked through the real rc, all seemed well. The article I read a while back also had incorrect paths for that examples directory, so what do they know.
I believe there was a minor bug (annoying but not problematic) in the
#if ("$TERM_PROGRAM" == "Apple_Terminal") then
# alias settermtitle 'echo -n ""'
#endif
Hope that helps.
-Alex
I was used to bash as well, and still use it as my default on my work accounts. However, I allowed myself to get used to tcsh, AND Apple's configurations for it (eventually disabled by default in 10.2, I think). Once I got used to how they configured tcsh, I was rather content to use it. When they removed the configurations that made tcsh behave as it did in earlier versions of OS X, I was annoyed, and immediate found out how to turn those back on.
So, as long as they offer an option with some nice configurations with bash, then I'm all for it. And I DON'T want to have to configure it myself. I simply don't have the time or patience. IF tcsh actually goes away, they better port the enhancements to bash... that's all I gotta say.
-Alex
Well, I do too. 2 PB's (one from work) and a PowerMac. I also have 3 servers at home running Linux.
My point though, is that my parents don't (yet!). And THEY'RE the ones I need to support. It has nothing to do with what I run, just what THEY run. But I'm working on it!
-Alex
Minor enhancement to yer sig:
.serac lleh eht ohW
;)
perl -e '$;=sub{$/};@;=map{my($a,$b)=($_,$;);$; =sub{$a.$b->()}}split//,join(" ",@ARGV)||".rekcah lreP rehtona tsuJ";$\=$;->();print$/;'
Just putting it into action and providing a more usable interface.
-Alex
Amen! I have been trying to get my mom and her boyfriend to get a Mac. I got them setup with Wireless at home. I setup their laptop to work wirelessly (Running Windows 98 ... old one), and I support them and their XP desktop (*sigh*). When it came time to get a new laptop, they went the XP route (Compaq). While I think Compaq has some nice machines, it's been nothing but a nightmare in dealing with XP and its "intellegent" handling of the wireless network.
I am still pushing for them to get an iBook. I endlessly tell them how much nicer most of their tasks would be. How much less risk they will have of viruses, etc. At least I don't let them use Outlook.
So, the way I see it... as a 20-something (can still barely claim that) year old guy it's a wise choice to promote OS X with family members. It will seriously cut down on your overall cost of support time and generally annoying phone calls. I've almost got my dad convinced that a Mac will be his next computer. His friend concurs it's the right choice for him. Wish me luck! I need to cut down on this support overhead!
-Alex
Just glad I grabbed $1000 of AAPL on the recent down swing. I expect it will go up a pretty good amount over the next 6 months or so. G5 numbers will come in, and then Windows iTMS (which I wish they would release sooner if possible).
;)\
Go AAPL!
-Alex
Well, your options are:
1. You could sell your soul and buy into the MS music store when available.
2. You could wait a few months and enjoy Apple's service when it's available.
Fortunately, I both have a Mac (2 years convert) and live in the US. It's not like a few months is going to kill you. You went your whole life without online music stores of this nature. A little more patience might pay off. And from what I'm constantly reading, Europe isn't too happy with MS lately, either, with all the law suits popping up.
-Alex
I have thought this since I first signed up on the site. A user should have a little more control over their "friend network". It would be nice to have the ability to set the "degrees" of separation yourself (with a site max of course). Also, after using the site for a while, I realize it would also be nice to have exclusions, such that if a connection has to route through someone I've excluded from my network then either another path must be found, or that connection is not made.
Not sure how that would work with the algorithms though. It could be kind of difficult to include those exclusions and keep performance (not that the site performs well now).
I think it would also create interesting "subnetworks". I'm guessing that the fakesters would end up being in isolated networks, while people interested in using the site for the "proper" purposes (defined by the site policies) would be far less affected.
Hmmm. They need more user controls!
-Alex
By tone, I get the feeling you are in disagreement with me somewhere, but I'm not quite sure, since I agree with pretty much all you said.
As for reconfiguring Mail.app? Why? I have all my SMTP servers configured at once, and if one fails, it prompts for the one to use. Personally, I think the default mail server of Mail.app should be tied into the network "Location". Actually, there are a few things that I think ought to be tied to the location.
-Alex