Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 19 replies
  • Subscribers 6 subscribers
  • Views 42430 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New user several questions

brvx

First, for the automatic update interval, how is the time calculated? Is it ordinary chronological time, or is it actual computer running time. For example, if I select automatic updating for daily, with the last update having occurred at 9 AM Tuesday, will the next update happen at 9 AM Wednesday, provided the computer is not sleeping at that moment. Or will it need 24 hours of actual computer running time, which might not happen if the computer is sleeping for extended periods perhaps until several days later?

Second, I ran Sophos (9.0.8) yesterday booted from a 10.6.8 partition on an external drive. It calculated something like 1,900,000 files/folders to scan. The 10.6.8 boot volume was only around 701,000. The other volume on that drive, a 10.8.5, is around 607,000, which, if Sophos was scanning both, still comes nowhere near close to the total Sophos calculated. If I add in the internal 10.6.8 volume, the total is a figure around 2,001,000, still not the 1,900,000 I saw, but more plausible. Was it scanning all three volumes? I am very puzzled about the number of files Sophos calculated. Naturally, this scan took far longer than intended.

Finally, although I logged in to my admin user in order to run the scan, I am normally running out of a standard account for security. So, of course, there I could see that my admin user was out of bounds. But from the standard user, I ran a shell script which opened Sophos with root privileges (do shell script "/Applications/'Sophos Anti-Virus.app'/Contents/MacOS/'Sophos Anti-Virus' > /dev/null 2>&1 &" with administrator privileges) When I opened Sophos that way, I was able to see the other user, but I still got the notice that I was running using "current privileges." Not sure why that didn't disappear when opened as root, but what I wonder is, since that notice didn't disappear, if running as root will have the necessary privileges needed to scan all system files, and if anything is found, will I be able to "clean" that infection--should it really need to be cleaned? I would not like to have to log in to my admin account in order to do either of those, completely scan all system files, and clean, when necessary.


:1016041


This thread was automatically locked due to age.
Parents
  • 0

    Thanks for the informative reply. Just wanted to point out that, from what I've read, including discussions at ASC (Apple Support Communities), the go to fail bug was only present in 10.9. And there were many more vulnerabilities patched in 10.9 (and 10.7 and 8) besides that one in those recent updates. And what is worrying is that Apple more or less identified what those were, at least in broad terms, maybe giving the bad guys some ideas about how to exploit those vulnerabilities in 10.6, some of which I understand are also present there.

    But because of security concerns, I am considering dual booting Snow and ML on the internal drive, with Snow reserved when needed only for running PPC apps. Apple will never "formally declare" EOL for any OS. They have never done that, and I expect they won't for Snow. They'll just let it languish until everyone figures out there will be no more security updates.

    I'm hearing that 20% of Apple desktop users are still running Snow, so I hope you will be able to continue support for Snow, obviously not indefinitely, but for a good long time to come.

    EDIT: Oh, and you wrote,"When the GUI detects it was launched as a standard user, it will only scan the disk as a standard user. Otherwise it will give you the option to authenticate as an administrative user (doesn't have to be the same user as you are running as) to enable scanning as root."

     

    All I get from the standard account is "To scan all files on this Mac, you must log in with an administrator account" with these radio buttons: "Cancel" and "Scan with current privileges." Not seeing how to authenticate from there.

    :1016103
Reply
  • 0

    Thanks for the informative reply. Just wanted to point out that, from what I've read, including discussions at ASC (Apple Support Communities), the go to fail bug was only present in 10.9. And there were many more vulnerabilities patched in 10.9 (and 10.7 and 8) besides that one in those recent updates. And what is worrying is that Apple more or less identified what those were, at least in broad terms, maybe giving the bad guys some ideas about how to exploit those vulnerabilities in 10.6, some of which I understand are also present there.

    But because of security concerns, I am considering dual booting Snow and ML on the internal drive, with Snow reserved when needed only for running PPC apps. Apple will never "formally declare" EOL for any OS. They have never done that, and I expect they won't for Snow. They'll just let it languish until everyone figures out there will be no more security updates.

    I'm hearing that 20% of Apple desktop users are still running Snow, so I hope you will be able to continue support for Snow, obviously not indefinitely, but for a good long time to come.

    EDIT: Oh, and you wrote,"When the GUI detects it was launched as a standard user, it will only scan the disk as a standard user. Otherwise it will give you the option to authenticate as an administrative user (doesn't have to be the same user as you are running as) to enable scanning as root."

     

    All I get from the standard account is "To scan all files on this Mac, you must log in with an administrator account" with these radio buttons: "Cancel" and "Scan with current privileges." Not seeing how to authenticate from there.

    :1016103
Children
No Data