[UniMacTech] What rights do your laptop users have?
Nigel Kersten
nigel at explanatorygap.net
Tue Feb 10 14:57:16 EST 2009
Unless it's a Macbook Air, bypassing the firmware password on a Mac
laptop is so trivial I consider it a bad idea simply because of the
false sense of security it engenders.
Anyone who is an admin can reset it.
Anyone who can change the amount of RAM in the machine can reset it.
And somewhat less likely, any machine that you can boot into OS 9 can
be bypassed even more trivially.
Firmware passwords are not the solution to your Macs going wandering...
On Mon, Feb 9, 2009 at 2:39 PM, Mervin uy <mervin.uy at usyd.edu.au> wrote:
> Thank you all for your responses. I think I am going to look into Shay's
> response this seems like a good option.. Another question is about Firmware
> Passwords, in the process of locking down these machines I have started
> using the Firmware password so that they are unable to start from CD's or
> Target disk mode.. Are there any other Uni's that use this to lock down the
> Computer?
>
> The Reason I ask is due to a few incidents of Machine's leaving campus and
> never returning.
>
> Thank you all
>
> Merv
>
> On 10/02/09 2:42 AM, "Shay Telfer" <shay at cygnus.uwa.edu.au> wrote:
>
>> On 9/02/2009 1:07 PM, Mervin uy wrote:
>>> Hi All..
>>>
>>> Not really asking a tech question today more of a General query, I am
>>> currently having issues with admin rights and end users constantly
>>> requesting admin rights. I wanted to know what other universities are
>>> doing with laptops in regards to End users requesting Admin rights.
>>>
>>> Cheers all
>>>
>>> Mervin Uy
>>> *Technical Officer
>>> *
>>> School Of Philosophical and Historical Inquiry
>>> *The University of Sydney
>>> *Room 607 Brennan Maccallum Building A18, University of Sydney NSW 2006
>>> T: +61 2 9351 2538 | F: +61 2 9351 3918 | E: Mervin Uy
>>> <_mailto:Mervin.uy at usyd.edu.au_>
>>
>> Note that if you're setting up Mac laptops you may be able to grant
>> some privileges to users via the /etc/authorization file:
>>
>> <http://www.newtonslore.com/2007/11/28/things-you-can-authorize-in-leopard/>
>>
>> For example, from Apple's Knowledgebase (admittedly for 10.4)
>>
>> http://support.apple.com/kb/TA23576
>>
>> Thanks,
>> Shay Telfer
>
> Mervin Uy
> Technical Officer
>
> School Of Philosophical and Historical Inquiry
> The University of Sydney
> Room 607 Brennan Maccallum Building A18, University of Sydney NSW 2006
> T: +61 2 9351 2538 | F: +61 2 9351 3918 | E: Mervin Uy
> <mailto:Mervin.uy at usyd.edu.au>
>
> _______________________________________________
> unimactech mailing list
> unimactech at auc.edu.au
> http://www.auc.edu.au/mailman/listinfo/unimactech
>
More information about the unimactech
mailing list