![]() ![]() ![]() As I thought about it more, I noticed that because Homebrew only installs in the user space /usr/local, it's not really a security hole. When I first looked at the requirements, I resisted installing Homebrew, as it allows a wide range of tools to be installed. They should be able to give you a starting point. The next thing is to get a good list of requirements from the users. It's not just security, but also the user who can benefit. It also allows support team members to track the Mac's setup through the computer's Jamf policy log. A policy in Jamf can easily run a single command or script with elevated privileges. I started by explaining that I could give them tools in Jamf to perform the tasks without elevated privileges. You've barely started to sketch build requirements before you hear the pleas, "admin rights, admin rights." I've been there, and it's a terrible place to be. The mobile device management (MDM) engineer at a high-security organisation can often find themself refereeing a tug of war between the usability and support requirements of high-end users, like developers and security personnel. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |