Flashcards in Support Essentials 10.9 Deck (192)
How do ACLs differ from standard UNIX file system permissions?
Standard UNIX file system permissions allow only for permissions to be set for one owner, one group, and all others. ACLs, on the other hand, allow for an essentially unlimited list of permissions entries.
What’s the locked file flag?
The locked file flag prevents anyone, including the item’s owner, from editing an item. Only the item’s owner can unlock the item to then allow modification.
Why is the root, or beginning, level of a user’s home folder visible to other users?
The root level of a user’s home folder is visible to other users so they can navigate to the Public shared folder.
How does the default organization of the file system allow users to safely share local files and folders?
Every home folder contains a Public folder that other users can read and a Drop Box folder that other users can write to. All other subfolders in a user’s home folder (except the optional Sites folder) have default permissions that don’t allow access to other users. The Shared folder is also set for all users to share items.
What’s unique about the permissions of the /Users/Shared folder?
The Shared folder is set up to allow all users to read and write files, but only the user who owns an item can delete it from the Shared folder. This is accomplished using the sticky bit permissions setting.
What does it mean when you choose the option to “ignore volume ownership” in the Finder? What are the security ramifications of ignoring volume ownership?
You can choose to ignore ownership on any nonsystem volume. This will ignore any ownership rules and grant any logged-on user unlimited access to the contents of the volume. It’s a potential security risk because it will allow any local user account to have full access to the volume, even if that user didn’t originally mount the volume.
Which two built-in OS X applications can be used to gather information about storage devices?
Disk Utility and System Information can both be used to gather information about storage devices.
What does the Disk Utility Verify and Repair feature do?
The Disk Utility Verify and Repair feature is used to verify or repair the partition scheme and directory structure of a volume. These elements contain the information used to locate files and folders on the volume
What’s target disk mode and how is it engaged?
Target disk mode is a Mac-specific hardware feature that, when engaged, will share the Mac computer’s internal disks through the FireWire ports. Target disk mode can be engaged from Startup Disk preferences or by holding down the T key as you turn on the Mac.
What permissions are modified by the Disk Utility Repair Permissions feature?
The Disk Utility Repair Permissions feature repairs only the ownership and permissions for items installed by Apple. However, this may resolve issues with third-party products.
How can you reset a user’s home folder permissions?
A user’s home folder permissions can be reset from the Reset Password application on OS X Recovery.
Why does the Finder hide certain folders at the root of the system volume?
The Finder hides traditional UNIX resources from average users because they don’t need to have access to those items. If users need access to these UNIX items, they can access them from Terminal.
What two methods are used to hide items from the Finder?
The Finder doesn’t show items with periods at the beginning of their filenames or items with the hidden file flag enabled. Both methods for hiding items can only be managed from the command line interface.
What does OS X use bundles or packages for?
Bundles and packages are used to combine complex items into individual folders. Packages have the additional advantage of appearing as a single item in the Finder. This allows software developers to combine resources into a single item and prevents users from seeing and potentially damaging those resources through deletion or moving of files.
How does an alias differ from a symbolic link?
Both aliases and symbolic links act as a shortcut to an original item. However, an alias contains additional information that allows the system to keep track of the original item if it’s renamed or moved within the same volume. Whereas any change to an original item breaks a symbolic link.
What are the four default top-level folders visible in the Finder?
The four default top-level folders visible in the Finder are:
• Applications, containing applications all local users have access to
• Library, containing system resources all local users have access to
• System, containing necessary system resources
• Users, containing all the local user home folders
What are six common system resources? What purpose does each resource serve? Where are they located in the file hierarchy?
Six common system resources are:
• Extensions, which attach themselves to the system kernel to provide hardware and peripheral driver support
• Frameworks, which are shared code libraries that provide additional software resources for both applications and system processes
• Preference files, which contain application and system configuration information
• LaunchAgents and LaunchDaemons, used by launchd to provide services that automatically start when needed at system startup, or at user login
• Logs, which are text files that contain error and progress entries from nearly any application or system service
What are the four system resource domains? What purpose does each domain serve?
The four system resource domains are:
• User, containing applications and system resources specific to each user account
• Local, containing applications and system resources available to all users on the local Mac
• Network (optional), containing applications and system resources available to any Mac that has an automated network share
• System, containing applications and system resources required to provide basic system functionality
4. What purpose does the ~/Library/Containers folder serve? What items will you find in this folder?
The ~/Library/Containers folder contains resources for sandboxed applications. The system creates and maintains a separate container folder for each sandboxed application the user opens. A sandboxed application is more secure because it can only access items inside its container.
What happens when a user double-clicks a font file?
Double-clicking a font file automatically opens a preview of the font in the Font Book application. From here, the user can click the Install Font button to copy the font into ~/Library/ Fonts.
How can you identify duplicate fonts?
The Font Book application shows a small dot next to the name of any font that has duplicate resources.
What’s file system metadata? What are some examples of file system metadata?
Metadata is information stored outside of a file or folder. It provides additional information about files and folders. Examples include file flags, extended file attributes, and permissions.
What are some of the common file flags used by OS X?
Common file flags include the locked flag, which locks files from changes, and the hidden flag, which hides the item in the Finder.
What are file system tags? Where can you find tags in the user interface?
File system tags are a type of metadata that allow you to quickly assign keywords, or “tags” to any item. The user can customize the tag names and colors.
How does the Spotlight search service use metadata?
The Spotlight search service creates index databases of file system metadata so that it can perform normally time- intensive searches nearly instantly. File system tags can be found in the Finder sidebar, Spotlight search, and any open or save document dialogs.
Where does Spotlight store its metadata index databases? How about the Spotlight plug-ins?
Spotlight metadata index databases are stored at the root of every volume in a /.Spotlight-V100 folder. However, a Legacy FileVault user’s database is stored in his encrypted home folder. And the Mail application maintains its own database in each user’s home folder at ~/Library/Mail/V2/MailData/ Envelope Index. Spotlight plug-ins can be located in any of the Library folders in a folder named Spotlight.
What are some privacy and security concerns with the Spotlight service?
Though Spotlight indexes file and folder permissions, it allows other users to search the contents of locally attached nonsystem volumes when ownership is ignored on those volumes.
How do you resolve an issue where a Spotlight search doesn’t find the correct items?
Forcing a rebuild of the Spotlight index databases is a common technique to resolve search issues. You can force a rebuild by adding an item to the Spotlight preferences Privacy list, and then removing the item. This deletes the current index database and forces the system to build a new one.
What type of file is created by the Finder when you select the Archive option?
The Archive option in the Finder creates compressed zip archive files.