Mac OS X 10.7 Lion sets, finds, corrects insecure folder permissionsMac OS X 10.7 Lion makes system wide changes to standard folder ownership and permissions to enhance security, finding and recommending changes where necessary.
Apple reportedly informed developers that a number of folders in the System and Local file system domains would be changing their default permissions in Lion. This includes many system and Library folders moving from 775 (writable by the admin group) to 755 (writable only by root). This change prevents modification of core system files without authenticating as the root user.
The only remaining local Library folders that will support admin group writing include Caches, Fonts, Java, QuickTimeStreaming, Receipts and Tomcat; all others require root access to modify.
A developer reports to AppleInsider that this changes the required permissions on installed printer queues, but that the system handles this by simply noting after installation that a correction is needed. Once the user approves of the change, the system adjusts the permissions as it records the issue in the CUPS error log (below).
Another Mac OS X Lion, feature related to Auto Save (described earlier in our report on Auto Save, Versions and Time Machine), is also getting a new setting in System Preferences.
Under the Appearance pane, a new option to lock Auto Save documents after a specific time interval has been added in Lion DP2. The previous setting was to default at two weeks, with no option to turn the lock feature off.
On Topic: Mac OS X
- New Office for Mac 2011 update fixes Outlook sync bug with OS X El Capitan
- Third beta of Apple's OS X 10.11.1 El Capitan released to developers, public testers
- Adobe reverses course, says Metal support in After Effects 'one possibility' [u]
- Apple issues second public beta of OS X El Capitan 10.11.1
- OS X El Capitan still exposed to vulnerabilities in Gatekeeper & Keychain, researchers say