Loading ...
Sorry, an error occurred while loading the content.

Re: Mildly OT: installing Flash on OS X without password

Expand Messages
  • Henri Smeets
    Installing any program on OSX is preceded by the system asking the system password, it is to prevent unauthorized individuals from installing programs on a
    Message 1 of 15 , Jun 29, 2010
    • 0 Attachment
      Installing any program on OSX is preceded by the system asking the system
      password, it is to prevent unauthorized individuals from installing programs
      on a Mac. Nothing weird, no funny business just common practice. If you are
      alarmed by seeing this dialogue box it means you have not installed a lot
      (or any) software, that uses an installer, on your system before, now that
      would be strange :-)
      --
      View this message in context: http://panotoolsng.586017.n4.nabble.com/Mildly-OT-installing-Flash-on-OS-X-without-password-tp2271731p2271912.html
      Sent from the PanoToolsNG mailing list archive at Nabble.com.
    • Kathy Wheeler
      ... Incorrect. I have installed numerous applications that have NOT required the system password. I can see no good reason for Flash to require it. KathyW.
      Message 2 of 15 , Jun 29, 2010
      • 0 Attachment
        On 29/06/2010, at 6:58 PM, Henri Smeets wrote:
        > Installing any program on OSX is preceded by the system asking the
        > system
        > password,

        Incorrect. I have installed numerous applications that have NOT
        required the system password.

        I can see no good reason for Flash to require it.

        KathyW.
      • Ian Wood
        Strictly speaking, you get asked for a password if the app/installer installs files somewhere other than your user folder (and a few other situations).
        Message 3 of 15 , Jun 29, 2010
        • 0 Attachment
          Strictly speaking, you get asked for a password if the app/installer installs files somewhere other than your user folder (and a few other situations).

          Drag-n-drop-install apps don't need a password at all.

          Ian


          On 29 Jun 2010, at 09:58, Henri Smeets wrote:

          > Installing any program on OSX is preceded by the system asking the system
          > password, it is to prevent unauthorized individuals from installing programs
          > on a Mac. Nothing weird, no funny business just common practice. If you are
          > alarmed by seeing this dialogue box it means you have not installed a lot
          > (or any) software, that uses an installer, on your system before, now that
          > would be strange :-)
        • Matthew Rogers
          You may have COPIED applications from a downloaded disk image but you cannot INSTALL anything on OS X without a password. Matt ... [Non-text portions of this
          Message 4 of 15 , Jun 29, 2010
          • 0 Attachment
            You may have COPIED applications from a downloaded disk image but you cannot INSTALL anything on OS X without a password.

            Matt

            On 29 Jun 2010, at 11:50, Kathy Wheeler wrote:

            >
            > On 29/06/2010, at 6:58 PM, Henri Smeets wrote:
            > > Installing any program on OSX is preceded by the system asking the
            > > system
            > > password,
            >
            > Incorrect. I have installed numerous applications that have NOT
            > required the system password.
            >
            > I can see no good reason for Flash to require it.
            >
            > KathyW.
            >
            >



            [Non-text portions of this message have been removed]
          • mrjimbo
            Kathy, The Flash installer does not want your password .. The Mac OSX system installer however wants to verify that you are the administrator of the machine
            Message 5 of 15 , Jun 29, 2010
            • 0 Attachment
              Kathy,
              The Flash installer does not want your password .. The Mac OSX system installer however wants to verify that you are the administrator of the machine and thus asks prior to any install. So what I'm saying is that when a program tries to install either manually by you or automatically .. Part of what OSX does is block all installs until you as the administrator allow it to move forward with the install. That small segment of any install is controlled by the OS not the program your trying to install.So the answer to your question is their is not a method to bypass the password or approval feature in OSX when installing a piece of software..It's part of the security built into the OS.. So if your using someone else's MAC and want to do the update you can't...That is how it should be I guess ...right?

              jimbo


              ----- Original Message -----
              From: Kathy Wheeler
              To: PanoToolsNG@yahoogroups.com
              Sent: Monday, June 28, 2010 10:43 PM
              Subject: [PanoToolsNG] Mildly OT: installing Flash on OS X without password



              My Firefox (beta) just updated itself to 3.6, and told me I should
              update my Flash plugin to prevent "security and stability" issues.
              Security issues yet again. How wonderful ... not. I already run
              Flashblock and Flashkiller and I only allow Flash to run to see stuff
              I really want to (like the panos posted here). But the damn Flash
              installer wants my password, and for "security and stability" reasons
              and the poor track record Flash has in that area I'm not prepared to
              give it.

              So ... does any Mac user here know how to install the current Flash
              plugin by-passing the password requirement?? I found a windows
              related page, but it doesn't translate well to OS X. I can't see one
              good reason for Flash to need an administrator/system password. But
              at the moment as I've disabled the old insecure/unstable plugin I'm
              flying blind as far as most pano content is concerned :-(

              Suggestions appreciated, off-list if you prefer.

              KathyW.





              [Non-text portions of this message have been removed]
            • Roger Howard
              It s quite possible for software installers on OSX to not require an admin password - but this would restrict any installed components to the current user...
              Message 6 of 15 , Jun 29, 2010
              • 0 Attachment
                It's quite possible for software installers on OSX to not require an admin
                password - but this would restrict any installed components to the current
                user... since Flash Player is a plugin intended for use by the browser,
                available to all users, it's generally accepted practice to install this in
                /Library rather than ~/Library, requiring an admin password.

                It's also possible to install it locally in your account only - in ~/Library
                - by extracting the installer contents and manually placing them in
                ~/Library using Pacifist (http://www.charlessoft.com/) but, frankly, I
                wouldn't do this - it won't be handled by future updates, so you'll likely
                end up with an out of date local (user) copy which will override the
                system-wide updated version.

                As for Flash Player security issues, yes they exist... its debatable whether
                Flash Player has a particularly bad security track record, but it's also an
                extremely high profile target (as are Web browsers and their dependencies,
                and any other common tools which load and interpret/render content over the
                Internet). The simple fact is Flash Player is a major target for remote
                exploits like code injection using buffer overruns, and everyone should be
                keeping it up to date... by using the normal install process, rather than
                managing a custom install in a non-standard location, you're much more
                likely to stay updated.

                Frankly, Adobe Acrobat vulnerabilities concern me far, far more than Flash
                Player.

                -R


                [Non-text portions of this message have been removed]
              • mick crane
                ... It is the way things are these days. you have to take that leap of trust. probably there are ways to protect sensitive stuff but generally everything is
                Message 7 of 15 , Jun 29, 2010
                • 0 Attachment
                  On Tue, June 29, 2010 5:43 am, Kathy Wheeler wrote:
                  > My Firefox (beta) just updated itself to 3.6, and told me I should
                  > update my Flash plugin to prevent "security and stability" issues. Security
                  > issues yet again. How wonderful ... not. I already run Flashblock and
                  > Flashkiller and I only allow Flash to run to see stuff
                  > I really want to (like the panos posted here). But the damn Flash
                  > installer wants my password, and for "security and stability" reasons and
                  > the poor track record Flash has in that area I'm not prepared to give it.
                  >
                  > So ... does any Mac user here know how to install the current Flash
                  > plugin by-passing the password requirement?? I found a windows related
                  > page, but it doesn't translate well to OS X. I can't see one good reason
                  > for Flash to need an administrator/system password. But at the moment as
                  > I've disabled the old insecure/unstable plugin I'm
                  > flying blind as far as most pano content is concerned :-(
                  >
                  > Suggestions appreciated, off-list if you prefer.

                  It is the way things are these days. you have to take that leap of trust.
                  probably there are ways to protect sensitive stuff but generally
                  everything is done over the net and it wants root access. So you can be
                  safe and have stuff that doesn't work very well or take the risk.
                • Roger Howard
                  ... Just a note - admin isn t root (thank god!), and all Flash Player (or any app) needs is admin... and unlike root, admin access does *not* imply full access
                  Message 8 of 15 , Jun 29, 2010
                  • 0 Attachment
                    On Tue, Jun 29, 2010 at 12:07 PM, mick crane <mick.crane@...> wrote:

                    >
                    >
                    >
                    > On Tue, June 29, 2010 5:43 am, Kathy Wheeler wrote:
                    > > My Firefox (beta) just updated itself to 3.6, and told me I should
                    > > update my Flash plugin to prevent "security and stability" issues.
                    > Security
                    > > issues yet again. How wonderful ... not. I already run Flashblock and
                    > > Flashkiller and I only allow Flash to run to see stuff
                    > > I really want to (like the panos posted here). But the damn Flash
                    > > installer wants my password, and for "security and stability" reasons and
                    > > the poor track record Flash has in that area I'm not prepared to give it.
                    > >
                    > > So ... does any Mac user here know how to install the current Flash
                    > > plugin by-passing the password requirement?? I found a windows related
                    > > page, but it doesn't translate well to OS X. I can't see one good reason
                    > > for Flash to need an administrator/system password. But at the moment as
                    > > I've disabled the old insecure/unstable plugin I'm
                    > > flying blind as far as most pano content is concerned :-(
                    > >
                    > > Suggestions appreciated, off-list if you prefer.
                    >
                    > It is the way things are these days. you have to take that leap of trust.
                    > probably there are ways to protect sensitive stuff but generally
                    > everything is done over the net and it wants root access. So you can be
                    > safe and have stuff that doesn't work very well or take the risk.
                    >

                    Just a note - admin isn't root (thank god!), and all Flash Player (or any
                    app) needs is admin... and unlike root, admin access does *not* imply full
                    access to any files on your filesystem. Likewise, most all of us should be
                    running our day to day login as a regular user - not admin... though I'd be
                    willing to be not 10% of us do. This simple step is something that'll go a
                    long way to limiting the damage of trojan horses and other malware, and is
                    not nearly as limiting as it might sound.


                    [Non-text portions of this message have been removed]
                  • Robert C. Fisher
                    Ok Roger I have one user Me how do I set up an admin acct, or do I set up another user acct without admin privileges? If I do the later how do I get my user
                    Message 9 of 15 , Jun 29, 2010
                    • 0 Attachment
                      Ok Roger I have one user "Me" how do I set up an admin acct, or do I
                      set up another user acct without admin privileges? If I do the later
                      how do I get my user info into the new user acct?

                      >
                      > Just a note - admin isn't root (thank god!), and all Flash Player
                      > (or any
                      > app) needs is admin... and unlike root, admin access does *not*
                      > imply full
                      > access to any files on your filesystem. Likewise, most all of us
                      > should be
                      > running our day to day login as a regular user - not admin... though
                      > I'd be
                      > willing to be not 10% of us do. This simple step is something
                      > that'll go a
                      > long way to limiting the damage of trojan horses and other malware,
                      > and is
                      > not nearly as limiting as it might sound.
                      >
                      >

                      Cheers
                      Robert C. Fisher
                      VR Photography / Cinematography
                      bob@...
                      http://www.rcfisher.com
                      Facebook - Robert C. Fisher






                      [Non-text portions of this message have been removed]
                    • Trausti Hraunfjord
                      Absolutely correct. I have been preaching this to Windows users for years... saves people from buying antivirus software and saves them from crashes and saves
                      Message 10 of 15 , Jun 29, 2010
                      • 0 Attachment
                        Absolutely correct. I have been preaching this to Windows users for
                        years... saves people from buying antivirus software and saves them from
                        crashes and saves them from frustration ... and would also save me from
                        having to fix their machines all the time... but unfortunately such an
                        advice is not heeded by normal users.

                        Me personally... never use a normal user account... but *that* is a
                        different story :)

                        Trausti

                        On Tue, Jun 29, 2010 at 2:34 PM, Roger Howard <rogerhoward@...> wrote:


                        most all of us should be
                        running our day to day login as a regular user - not admin... though I'd be
                        willing to be not 10% of us do. This simple step is something that'll go a
                        long way to limiting the damage of trojan horses and other malware, and is
                        not nearly as limiting as it might sound.


                        [Non-text portions of this message have been removed]
                      Your message has been successfully submitted and would be delivered to recipients shortly.