Protection.

Physical security of servers is as important, if not more important, than network security. As Macintosh Managers we must recognize that significant weakness of our platform.

  • MacOS 9 and earlier have little or no default console security.
    If somebody has access to the keyboard, they have your box.

  • MacOS X is better, but still vulnerable from the console.
    “Single-user mode” is the fastest path to root on any unix.




  • The solution: a door with a lock.
    Don’t put your servers in an open office.
    Anything more elaborate than a door (armed guards, barbed wire, man-traps, biometric scanners, whatever) is just eye candy.


  • Limit the key to authorized staff.
    Yes, even the CEO needs to be escorted.
    The janitor is *you.*