Charles Edge’s research while affiliated with University School and other places

File system permissions are your data’s first line of defense in a multiuser environment. A well-managed permission scheme ensures that your data is accessible and modifiable only by the proper people. The file system, after all, is the gateway to your data. An ineffective permission scheme is the equivalent of handing your data out to anyone who would express interest in it, or even worse, allowing them to destroy it. Furthermore, poorly implemented permissions can serve a different evil, preventing honest, hardworking Joe from accessing either his own documents or documents created by his collaborators.

Configuring file-sharing security can be one of the more challenging aspects of working with shared computer data in a networked environment. The challenge is twofold—how do you keep files accessible to those who need them while simultaneously keeping them inaccessible to those who don’t? Sharing files over a network is also an inherently dangerous activity. Other computers’ users can access files on your system without physically gaining access to your computer; thus, if it is configured incorrectly, the wrong data can easily get into the wrong hands, which can prove to be catastrophic. However, in most environments, it is crucial that multiple computers have access to data on a single computer. How do we manage this file-sharing conundrum?

Created by the SANS Institute. Feel free to modify or use for your organization. If you have a policy to contribute, please send e-mail to stephen@sans.edu.

iCloud is a cloud service provided by Apple. A basic iCloud account is free and provides a connection to calendars, contacts, and other services that integrate with your Mac. Because iCloud has services that integrate with the Mac, it’s more than a traditional cloud solution, though. An iCloud account has options that include tracking the physical location of your Apple devices and potentially escrowing keys used for decrypting hard drives and remotely controlling computers. Because the iCloud account provides access to your computer, securing the account and the connection between the computer and the account is of paramount importance. This security starts with the Apple ID and extends to the settings used when setting up iCloud-based services on your Mac.

As a security expert, consider this all-too-real scenario: a passenger sits in the airport, working on his computer, waiting for the plane to start boarding. While sitting there, surfing on the wireless airport network, he notices that almost every laptop in sight is a Mac. On a hunch, he opens Bonjour Browser to discover that many of these laptops have various remote management tools (the Apple Remote Desktop client or Screen Sharing, based on VNC), SSH or Telnet enabled. He also notices that many of these computers are not password-protected, and are therefore easily controllable by anyone with the gall to tap into the computer. Within 10 minutes, nearly all the laptop lids are closed with their owners suspiciously looking around, attempting to determine which passenger was entertaining them with the “joke of the day” on their display.

Over the years, Apple has gone to great lengths to make OS X strong by hardening its user security. Hardening means strengthening a component in a system to make it more secure. User accounts can be hardened in OS X by limiting the resources that users can access. You can accomplish this two ways: by using the built-in GUI tools, or by using the command line. In this chapter, we will go deeper into securing the Mac by focusing first on restricting user access and then on more advanced command-line security that can be used to harden user accounts.

Ready to start securing your Mac? Let’s get right into it. Keep in mind that this chapter is meant to be a quick-and-dirty start to securing your Mac, for the “I don’t have time to dive into the nitty-gritty, I need to get my Mac secured right away” readers. This chapter will give you just the basics to get your Mac secure quickly, and although it will leave you with a fairly secure system, it’s not as comprehensive as the subsequent chapters, where we’ll fine-tune your Mac’s settings. For a more thorough understanding of OS X security and the tools you can use to secure your Mac, we urge you to continue reading beyond the basics. Beginning in Chapter 2, you’ll be introduced to all the other intricacies surrounding securing the Mac OS, diving deeper into the larger concepts of what is covered here in this quick-start.

Would your network withstand an attack? How easy would it be for someone to break into your network, find anything they want on your Mac, and steal enough information to masquerade as you on the Internet? To answer this question, you’d need to take a good hard look at your network and audit for intrusion vulnerabilities. Imagine having to catalog all the programs, files, and services that run on your Mac, cross-referencing each program and file extension on the Internet, one at a time, against all the known exploits. This auditing process would take a considerable amount of time. Unfortunately, hackers have easy access to a wide variety of auditing tools, and already have a good idea of which exploits to look for. Thankfully, the very same auditing software can help you expedite the process of keeping them out.

At the Black Hat conference in August 2006, David Maynor and Jon “Johnny Cache” Ellch shocked the Mac community by demonstrating to the world something that hackers had known for a long time: the Mac could be hacked, easily. Maynor and Ellch, two security professionals with long-time careers in the security industry, were able to release what is known as a proof-of-concept attack by exploiting the wireless Atheros drivers built into the Mac operating system. Using a script called setup.sh, which turned a Mac computer (with its wireless card turned on) into an access point, an attacker could gain control of an unsuspecting Mac user’s laptop. Another hacker script, called bad_seed, could then be run from the host computer to exploit the vulnerability in the target computer’s wireless driver; this would give an attacker access to a Terminal session on the target computer running root (which is a “superuser” that is allowed full control of the computer). The exploit was not released, but it did provide proof that the Mac community was a long way away from an operating system immune to wireless attacks. While the Mac may be more resistant to attack, no system has every been truly immune.

Put simply, a firewall is a network traffic moderator. It uses a set of rules to determine what kind of traffic is allowed in and out of your computer or network. The term is a bit ambiguous, because there are many types of firewalls. In Chapter 10, we discussed the importance of using a firewall to act as a gateway into your network, denying and allowing network traffic on a network-wide basis between your computers and the outside world. This is what we refer to as a hardware appliance firewall.