Security changes in Mac OS X Leopard


New wallpaper in Leopard!

Having used Mac OS X Leopard (Singapore, Australia) for the last few days on my MacBook Pro I've discovered many changes in security from OS X Tiger and earlier releases including some genuine surprises that threw me off guard! I'm posting what I've discovered here in the hopes it may be useful to other people.

NetInfo Manager is gone
A cursory glance at the Utilities folder will show NetInfo Manager has ceased to exist, like a certain Monty Python parrot. Some of the user specific features have been relegated to a very sneakily hidden menu in the Users panel of System Preferences.

NetInfo Manager is gone

If you want to change the UID or default shell assigned to a user for example, right click or CTRL click on the name of the user and click “Advanced Options” in the popup menu.

NetInfo Manager is gone

Firewall has moved
The Firewall has been moved in System Preferences from the “Sharing” panel to the “Security” panel. Reading comments on forums a lot of people are angry about this, but to me it makes perfect sense!
Firewall has been dumbed down
Aside from a crude menu that lets you add generic “.app” programs, there is no way now to create your own custom rules, port number assignments, UDP/TCP or anything whatsoever. I guess it’s back to the command line to configure these things.
Higher SSH encryption by default
If you open the /private/etc/sshd_config configuration file, Leopard ships with level 2 SSH security and without the option of falling back to level 1 like previous versions. This is a welcome change.
Graphically impossible to change your SSH port
But therein lies a problem! If you change your SSH listening port in your aforementioned sshd_config for obfuscation reasons, in the Leopard Firewall System Preferences pane there is no way whatsoever to open that SSH port because you’re limited to only creating generic rules based on .app’s and the Services you start in the “Sharing” panel; which will turn on port 22.

So some welcome security changes in Leopard, and you've got to hand it to Apple for trying to make configuring security more streamlined, but I'm disappointed that in doing so so much functionality has been lost. Hopefully Apple (or perhaps even a third party) will address the legitimate need to create custom Firewall permissions soon.

My machines with Leopard MacBook Pro!

If I've made any mistakes or you have anything to add, please post a comment. Cheers ^^.

Related Posts

Author bio and support


Ruben Schade is a technical writer and infrastructure architect in Sydney, Australia who refers to himself in the third person. Hi!

The site is powered by Hugo, FreeBSD, and OpenZFS on OrionVM, everyone’s favourite bespoke cloud infrastructure provider.

If you found this post helpful or entertaining, you can shout me a coffee or send a comment. Thanks ☺️.