You need the other users password to do that, or be root, so it is not a problem. Also, in our system, non admin users don't have linux shell access anyway, they get a custom shell that uses the rest server as the backend. The admin user can get linux shell and run commands as other users or do whatever they want but that is expected.
As I understand it, this relies on the admin account's ability to write to the /Applications folder without a password. So, if you just run in a non-admin account, you should be fine.
I've run my OS X machines from a non-admin user for at least 5 years. I do developer-y type stuff like SSHing into Linux servers with key authentication, running a local web development environment (MAMP), installing brew applications from the command line, editing my /etc/hosts file, etc.
It all works fine. For most things, like software installs and updates, I just get prompted for admin account credentials. For a few things (brew and editing hosts file), I su to my admin account in Terminal, then run the command.
I can't remember the last time I actually logged into my admin account, though.
Not really. If someone logins as user A on the machine, and caddy runs as user B, then unless A has sudo access, A cannot modify caddy. But with this admin HTTP endpoint, user A now can arbitrarily modify caddy.
There is runas to run as a different user. And if you want to run as the same user but elevated, there has been third-party software like gsudo [1]. But yeah, the recommended way to do it was to just open an elevated terminal, run the one admin command you need there and close it again. Not a huge deal if all you want to do is run a choco install command or something; and generally you don't switch so much back-and-forth between needing admin and not needing it.
It's really nice having separate users in production for a server. That way, you log sudo and know who issued an admin command. But in a larger system, you don't worry about setting them up on each server; instead, you rely on LDAP.
Unix is the LISP of server operating systems. It's a multiplier. In return, it demands much more from the operator. This is not ideal for a desktop system. It's amazing when you have an admin who knows his shit.
I am the admin. I use the root account as little as possible. I do employ admins that don't rm -rf / by employing admins who don't hack on live as root. Knowing who does what is paramount for resolving problems particularly in admins' work practices.
Seems with this approach it should be easy for an admin to 'su' to a normal user account and perform actions as that user. Nice for tech support and other administrative operations.
It seems like there are some cases where Windows accepts a password hash for authentication as a user though. So by having the hash of an administrator, you can escalate privileges.
Linux is fairly secure by default, so most of what that admin has to do is just not screw it up. Turn off SSH passwords and disable root login, then read a hardening guide for their particular tech stack. Once it's set up, you just need to log in once in a while to update software.
There are absolutely no problems with using a non-admin user account. Just better isolation, better security and a few inconveniences.
Using a standard user account was one of the things I started with on OS X after being used to the "user must be administrator" paradigm that's deeply entrenched in the Windows world for a very long time. Before Windows Vista came up with some way of UAC (User Access Control), being an administrator user on a Windows system was the least painful way to use the system. This style is still propagated even today in several companies with the latest versions of Windows.
The philosophy about being a non-admin user also ties into the UNIX-ness of OS X, and in all * NIX systems the recommendation is always to use a standard account and switch to a superuser/root account only when needed within a specific terminal for a specific task and exit out as soon as that work is done. When people on * NIX joke about "rm -rf /", there are people who remember the wounds of such experiences from real life when running as root (fortunately, I didn't have to learn from experience). :)
The "annoyances" for a standard user on OS X are that installing applications into /Applications or unlocking panels in System Preferences (if it has been configured to be that way) needs administrator credentials. And it's also required if one fancies getting into system (or protected) directories and wants to move/delete/rename/add files.
On the terminal, when needed, I switch from the standard user to the administrator account and then use sudo. It is indeed a little more cumbersome than providing sudo privileges to the standard user account, but it's not often that I need this and I don't find this inconvenience as a big waste of time.
On a lighter note, using a * NIX system as an administrator user all the time seems dirty, just like using a Windows system as a non-admin user does. :P
P.S.: Couldn't figure out a way to escape and type an asterisk followed by a non-whitespace character for the * NIX references.
You can login as Administrator if you enable the user account. You can also just turn admin approval mode to "never ask" in the Control Panel.
While you can't login as SYSTEM (since it's not really a user account), you can trivially open a shell under it's account (and you can do everything you need as an administrator anyway, so there's really no point).
reply