Loading ...
Sorry, an error occurred while loading the content.

Re: [PanoToolsNG] Re: Mildly OT: installing Flash on OS X without password

Expand Messages
  • Matthew Rogers
    You may have COPIED applications from a downloaded disk image but you cannot INSTALL anything on OS X without a password. Matt ... [Non-text portions of this
    Message 1 of 15 , Jun 29, 2010
    • 0 Attachment
      You may have COPIED applications from a downloaded disk image but you cannot INSTALL anything on OS X without a password.

      Matt

      On 29 Jun 2010, at 11:50, Kathy Wheeler wrote:

      >
      > On 29/06/2010, at 6:58 PM, Henri Smeets wrote:
      > > Installing any program on OSX is preceded by the system asking the
      > > system
      > > password,
      >
      > Incorrect. I have installed numerous applications that have NOT
      > required the system password.
      >
      > I can see no good reason for Flash to require it.
      >
      > KathyW.
      >
      >



      [Non-text portions of this message have been removed]
    • mrjimbo
      Kathy, The Flash installer does not want your password .. The Mac OSX system installer however wants to verify that you are the administrator of the machine
      Message 2 of 15 , Jun 29, 2010
      • 0 Attachment
        Kathy,
        The Flash installer does not want your password .. The Mac OSX system installer however wants to verify that you are the administrator of the machine and thus asks prior to any install. So what I'm saying is that when a program tries to install either manually by you or automatically .. Part of what OSX does is block all installs until you as the administrator allow it to move forward with the install. That small segment of any install is controlled by the OS not the program your trying to install.So the answer to your question is their is not a method to bypass the password or approval feature in OSX when installing a piece of software..It's part of the security built into the OS.. So if your using someone else's MAC and want to do the update you can't...That is how it should be I guess ...right?

        jimbo


        ----- Original Message -----
        From: Kathy Wheeler
        To: PanoToolsNG@yahoogroups.com
        Sent: Monday, June 28, 2010 10:43 PM
        Subject: [PanoToolsNG] Mildly OT: installing Flash on OS X without password



        My Firefox (beta) just updated itself to 3.6, and told me I should
        update my Flash plugin to prevent "security and stability" issues.
        Security issues yet again. How wonderful ... not. I already run
        Flashblock and Flashkiller and I only allow Flash to run to see stuff
        I really want to (like the panos posted here). But the damn Flash
        installer wants my password, and for "security and stability" reasons
        and the poor track record Flash has in that area I'm not prepared to
        give it.

        So ... does any Mac user here know how to install the current Flash
        plugin by-passing the password requirement?? I found a windows
        related page, but it doesn't translate well to OS X. I can't see one
        good reason for Flash to need an administrator/system password. But
        at the moment as I've disabled the old insecure/unstable plugin I'm
        flying blind as far as most pano content is concerned :-(

        Suggestions appreciated, off-list if you prefer.

        KathyW.





        [Non-text portions of this message have been removed]
      • Roger Howard
        It s quite possible for software installers on OSX to not require an admin password - but this would restrict any installed components to the current user...
        Message 3 of 15 , Jun 29, 2010
        • 0 Attachment
          It's quite possible for software installers on OSX to not require an admin
          password - but this would restrict any installed components to the current
          user... since Flash Player is a plugin intended for use by the browser,
          available to all users, it's generally accepted practice to install this in
          /Library rather than ~/Library, requiring an admin password.

          It's also possible to install it locally in your account only - in ~/Library
          - by extracting the installer contents and manually placing them in
          ~/Library using Pacifist (http://www.charlessoft.com/) but, frankly, I
          wouldn't do this - it won't be handled by future updates, so you'll likely
          end up with an out of date local (user) copy which will override the
          system-wide updated version.

          As for Flash Player security issues, yes they exist... its debatable whether
          Flash Player has a particularly bad security track record, but it's also an
          extremely high profile target (as are Web browsers and their dependencies,
          and any other common tools which load and interpret/render content over the
          Internet). The simple fact is Flash Player is a major target for remote
          exploits like code injection using buffer overruns, and everyone should be
          keeping it up to date... by using the normal install process, rather than
          managing a custom install in a non-standard location, you're much more
          likely to stay updated.

          Frankly, Adobe Acrobat vulnerabilities concern me far, far more than Flash
          Player.

          -R


          [Non-text portions of this message have been removed]
        • mick crane
          ... It is the way things are these days. you have to take that leap of trust. probably there are ways to protect sensitive stuff but generally everything is
          Message 4 of 15 , Jun 29, 2010
          • 0 Attachment
            On Tue, June 29, 2010 5:43 am, Kathy Wheeler wrote:
            > My Firefox (beta) just updated itself to 3.6, and told me I should
            > update my Flash plugin to prevent "security and stability" issues. Security
            > issues yet again. How wonderful ... not. I already run Flashblock and
            > Flashkiller and I only allow Flash to run to see stuff
            > I really want to (like the panos posted here). But the damn Flash
            > installer wants my password, and for "security and stability" reasons and
            > the poor track record Flash has in that area I'm not prepared to give it.
            >
            > So ... does any Mac user here know how to install the current Flash
            > plugin by-passing the password requirement?? I found a windows related
            > page, but it doesn't translate well to OS X. I can't see one good reason
            > for Flash to need an administrator/system password. But at the moment as
            > I've disabled the old insecure/unstable plugin I'm
            > flying blind as far as most pano content is concerned :-(
            >
            > Suggestions appreciated, off-list if you prefer.

            It is the way things are these days. you have to take that leap of trust.
            probably there are ways to protect sensitive stuff but generally
            everything is done over the net and it wants root access. So you can be
            safe and have stuff that doesn't work very well or take the risk.
          • Roger Howard
            ... Just a note - admin isn t root (thank god!), and all Flash Player (or any app) needs is admin... and unlike root, admin access does *not* imply full access
            Message 5 of 15 , Jun 29, 2010
            • 0 Attachment
              On Tue, Jun 29, 2010 at 12:07 PM, mick crane <mick.crane@...> wrote:

              >
              >
              >
              > On Tue, June 29, 2010 5:43 am, Kathy Wheeler wrote:
              > > My Firefox (beta) just updated itself to 3.6, and told me I should
              > > update my Flash plugin to prevent "security and stability" issues.
              > Security
              > > issues yet again. How wonderful ... not. I already run Flashblock and
              > > Flashkiller and I only allow Flash to run to see stuff
              > > I really want to (like the panos posted here). But the damn Flash
              > > installer wants my password, and for "security and stability" reasons and
              > > the poor track record Flash has in that area I'm not prepared to give it.
              > >
              > > So ... does any Mac user here know how to install the current Flash
              > > plugin by-passing the password requirement?? I found a windows related
              > > page, but it doesn't translate well to OS X. I can't see one good reason
              > > for Flash to need an administrator/system password. But at the moment as
              > > I've disabled the old insecure/unstable plugin I'm
              > > flying blind as far as most pano content is concerned :-(
              > >
              > > Suggestions appreciated, off-list if you prefer.
              >
              > It is the way things are these days. you have to take that leap of trust.
              > probably there are ways to protect sensitive stuff but generally
              > everything is done over the net and it wants root access. So you can be
              > safe and have stuff that doesn't work very well or take the risk.
              >

              Just a note - admin isn't root (thank god!), and all Flash Player (or any
              app) needs is admin... and unlike root, admin access does *not* imply full
              access to any files on your filesystem. Likewise, most all of us should be
              running our day to day login as a regular user - not admin... though I'd be
              willing to be not 10% of us do. This simple step is something that'll go a
              long way to limiting the damage of trojan horses and other malware, and is
              not nearly as limiting as it might sound.


              [Non-text portions of this message have been removed]
            • Robert C. Fisher
              Ok Roger I have one user Me how do I set up an admin acct, or do I set up another user acct without admin privileges? If I do the later how do I get my user
              Message 6 of 15 , Jun 29, 2010
              • 0 Attachment
                Ok Roger I have one user "Me" how do I set up an admin acct, or do I
                set up another user acct without admin privileges? If I do the later
                how do I get my user info into the new user acct?

                >
                > Just a note - admin isn't root (thank god!), and all Flash Player
                > (or any
                > app) needs is admin... and unlike root, admin access does *not*
                > imply full
                > access to any files on your filesystem. Likewise, most all of us
                > should be
                > running our day to day login as a regular user - not admin... though
                > I'd be
                > willing to be not 10% of us do. This simple step is something
                > that'll go a
                > long way to limiting the damage of trojan horses and other malware,
                > and is
                > not nearly as limiting as it might sound.
                >
                >

                Cheers
                Robert C. Fisher
                VR Photography / Cinematography
                bob@...
                http://www.rcfisher.com
                Facebook - Robert C. Fisher






                [Non-text portions of this message have been removed]
              • Trausti Hraunfjord
                Absolutely correct. I have been preaching this to Windows users for years... saves people from buying antivirus software and saves them from crashes and saves
                Message 7 of 15 , Jun 29, 2010
                • 0 Attachment
                  Absolutely correct. I have been preaching this to Windows users for
                  years... saves people from buying antivirus software and saves them from
                  crashes and saves them from frustration ... and would also save me from
                  having to fix their machines all the time... but unfortunately such an
                  advice is not heeded by normal users.

                  Me personally... never use a normal user account... but *that* is a
                  different story :)

                  Trausti

                  On Tue, Jun 29, 2010 at 2:34 PM, Roger Howard <rogerhoward@...> wrote:


                  most all of us should be
                  running our day to day login as a regular user - not admin... though I'd be
                  willing to be not 10% of us do. This simple step is something that'll go a
                  long way to limiting the damage of trojan horses and other malware, and is
                  not nearly as limiting as it might sound.


                  [Non-text portions of this message have been removed]
                Your message has been successfully submitted and would be delivered to recipients shortly.