Still, it might lead to a sort of crying wolf syndrome, where you're installing a program that you would expect to modify only your Applications directory that tries to modify a critical system directory. If you had access to Applications, this would have raised a red flag that something was seriously wrong, but since all operations require a username/password, it doesn't. [/B]
Would a possible solution be to always switch to the admin account when prompted for username/password while operating in a user account. then install the program. If prompted for password in the admin account, would that then alert you that the program was trying to do something nefarious? Or do I not understand your point?
Would a possible solution be to always switch to the admin account when prompted for username/password while operating in a user account. then install the program. If prompted for password in the admin account, would that then alert you that the program was trying to do something nefarious? Or do I not understand your point?
Of course it's a solution, but most people who use separate user and admin accounts would be too lazy to apply it.
Comments
Originally posted by JavaCowboy
Still, it might lead to a sort of crying wolf syndrome, where you're installing a program that you would expect to modify only your Applications directory that tries to modify a critical system directory. If you had access to Applications, this would have raised a red flag that something was seriously wrong, but since all operations require a username/password, it doesn't. [/B]
Would a possible solution be to always switch to the admin account when prompted for username/password while operating in a user account. then install the program. If prompted for password in the admin account, would that then alert you that the program was trying to do something nefarious? Or do I not understand your point?
Originally posted by ibuzz
Would a possible solution be to always switch to the admin account when prompted for username/password while operating in a user account. then install the program. If prompted for password in the admin account, would that then alert you that the program was trying to do something nefarious? Or do I not understand your point?
Of course it's a solution, but most people who use separate user and admin accounts would be too lazy to apply it.