I am currently using OS X with a Standard user that has no admin privileges in the OS GUI.
Note: My Standard user does however have sudo
permissions in /etc/private/sudoers
. This enables password protection when doing critical tasks in Terminal, while retaining flexibility.
For everyday use in the OS GUI, I keep a separate admin account. When necessary, I am asked to enter its username and password, e.g. for unlocking System Preferences or modifying /Applications
.
Questions:
- Is this good practice? Why/Why not?
- What are the risks associated with this setup?
Best Answer
Yes, the less your user can do, the less it can break. You can easily choose a short admin user name and use an easy to type password for doing admin things.
It really depends on your threat model and how expensive tech-support is for you and your organization and whether you have data that's worth protecting. You can surely run admin users and use something like Time Machine combined with periodic off-site or off-line backups so that if you should lose data or have a system compromise, you can plan for how long it will take to restore your system to before it was changed.
Your permissions and planning seem prudent and I don't see any downside to your set up.