Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Permisson Question

ImConfusedAgain said:
I didn't know this about admin accounts. Firewall is on firmware password is on I may have to format the hard drive. The part I don't understand is how the shared services were switched on. Lets say for argument sake my computer was being shared and remote access was on can anyone just connect to my computer? Or do they need my password to connect to my files and see what i'm seeing? Thanks for the above info its very helpful.
Click to expand...

I would never allow remote access to my mac, and don't know anything about it.

If you rebuild your machine from scratch, i.e. format your HDD and install a clean copy of macOS, then all of your concerns are a moot point.

That, and moving forward, making sure you do everything I said above, and you make sure that other people don't have easy physical access to your machine - although a firmware password should mitigate that risk mostly.

If you would learn how to make a bootable USB installer, you could have fixed this problem in the time you've been posting here. (Reconfiguring your apps and migrating data could take longer, though.)

Turn the page and rebuild your amcine is my advice. (And make sure to use a modern macOS because that matters too.)
 
ThrowerGB said:
@ApfelKuchen, I think the latter part of your post is rude and unwarranted. Always remember to focus on the issue or behavior without getting personal. Treat everyone with dignity. We should always encourage people who ask questions. On this type of forum we should expect questions from novices through to experts.
Having said that, I thank you for your explanation. Despite many years of experience with computing systems, including as a sysadmin, I've had similar concerns to those of the original poster and have had difficulty finding sites that help. Your explanation of staff and everyone groups was succinct and answered the questions I've had.
I'd also like to thank @Slarti.BartFast and @Red Menace. Your explanations of how OSx permissions have adopted *nix system approaches were important additions.
I must say that as part of the focus on security in Catalina, I see changes to permissions and groups I hadn't noticed before. I suspect Apple were cleaning up some things related to groups and permissions.
Click to expand...

I really learned a lot the last few hours here. After getting ApfelKuchen reply i thought i must have been wrong about everything. I searched for hours trying to find information on my problem with little success. Im thankful that I was able to get a good head start to what i need to do. Gives me options that I was unaware of.
Texas_Toast said:
I would never allow remote access to my mac, and don't know anything about it.

If you rebuild your machine from scratch, i.e. format your HDD and install a clean copy of macOS, then all of your concerns are a moot point.

That, and moving forward, making sure you do everything I said above, and you make sure that other people don't have easy physical access to your machine - although a firmware password should mitigate that risk mostly.

If you would learn how to make a bootable USB installer, you could have fixed this problem in the time you've been posting here. (Reconfiguring your apps and migrating data could take longer, though.)

Turn the page and rebuild your amcine is my advice. (And make sure to use a modern macOS because that matters too.)
Click to expand...
Thanks for all this. I will try and get it all done.
 
  • Like
Reactions: Ambrosia7177
Your machine needs to be set up for someone else to access your files. Even if you had file sharing turned on, you will have had to set up access for something other than the Public folder, and even then they would need to know the credentials to log in to the account. If some sketchy application has been installed (especially as admin) there is no telling what it did, but you would have had to install it.

The permissions you indicated in your initial posts are normal - is there something else that makes you think someone has accessed your machine? If you are that concerned, the only way to be sure is to perform a clean install, although you would also need to avoid reinstalling stuff that you don't know about.
 
To add to what @Red Menace said...

If you install crap applications onto your Mac, then you will have problems, including security problems.

K.I.S.S.

Less is more.

If you install software, do so from reputable sources like the App Store, or from well known sources, or from established open-source projects (e.g. LibreOffice, Firefox, etc).

If you get into social media and any related apps, then you get what you deserve!

If you mac has any sensitive data on it, or access to accounts with senstive data (e.g. online banking) then you need to treat it like a business office or safe, and limit who can have access.

If your Mac is purely for surfing and pleasure, then you can take a less rigorous approach.

If you mix both, then hat is asking for trouble.

But be *very* skeptical of any appliations you put on your Mac, including common once like Microsoft products... ;-)
 
Red Menace said:
Your machine needs to be set up for someone else to access your files. Even if you had file sharing turned on, you will have had to set up access for something other than the Public folder, and even then they would need to know the credentials to log in to the account. If some sketchy application has been installed (especially as admin) there is no telling what it did, but you would have had to install it.

The permissions you indicated in your initial posts are normal - is there something else that makes you think someone has accessed your machine? If you are that concerned, the only way to be sure is to perform a clean install, although you would also need to avoid reinstalling stuff that you don't know about.
Click to expand...

Like you said the problem is not to backup anything malicious. I really believe my account was compromised because the sharing was not limited to a public folder but my whole user account. File sharing was switched on and remote login also. Being an admin account may have been what screwed me up.
It makes sense because I would never turn these options on ever. And I know by default they are off. I have read that these options are a perfect setup for hackers as everything is open and easy to access. All the sharing is now off and the unknown users have been deleted. Also did a re install of OS and a scan for malware. Not sure if thats enough to fix the issue. If i notice anything unusual again I will definitely format and start again. Again thanks for all your help i've learned a lot.
[automerge]1596051591[/automerge]
Texas_Toast said:
To add to what @Red Menace said...

If you install crap applications onto your Mac, then you will have problems, including security problems.

K.I.S.S.

Less is more.

If you install software, do so from reputable sources like the App Store, or from well known sources, or from established open-source projects (e.g. LibreOffice, Firefox, etc).

If you get into social media and any related apps, then you get what you deserve!

If you mac has any sensitive data on it, or access to accounts with senstive data (e.g. online banking) then you need to treat it like a business office or safe, and limit who can have access.

If your Mac is purely for surfing and pleasure, then you can take a less rigorous approach.

If you mix both, then hat is asking for trouble.

But be *very* skeptical of any appliations you put on your Mac, including common once like Microsoft products... ;-)
Click to expand...

Regarding others having physical access can they do much without my passwords?
 
Last edited:
ImConfusedAgain said:
Also did a re install of OS and a scan for malware. Not sure if thats enough to fix the issue. If i notice anything unusual again I will definitely format and start again. Again thanks for all your help i've learned a lot.
Click to expand...

If you just instaleld macOS over your current image, then that is NOT what I suggested.

Based on your concerns, you first need to learn how to create a "bootable USB installer".

Why don't you search on MacRumors for that, go get a new USB drive, make say a Mojave installer, then format your internal HDD/SSD, and use the instalelr to re-install a virgin copy of macOS?

That si what you need to do first.


ImConfusedAgain said:
Regarding others having physical access can they do much without my passwords?
Click to expand...

If you have properly set up a firmware password with a strong password, and you have an uncorrupted Admin accont, and your Admin account has a strong password, then your machine is pretty solid.

But if your password is "fluffy" or if it is "#$%^TFVHY*I" but your roommate knows that, then you are toast...
 
Well, with physical access someone could just remove your drive, unless you are also encrypting it. The rabbit hole just keeps going, so as long as you are aware of the various attack vectors and pay attention, you should be OK. Just remember that security is a process, not a product.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back