Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 6 subscribers
  • Views 1623 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos makes me log into the Admin profile to scan entire drive

Macfan

I am both the Admin and seperate user (under different profile) on my mac mini.  I tried to scan the local drive logged in as a user.  Sophos said that I had to log in as the Admin to scan the entire drive.  I don't have a problem with requiring Admin authorisation but why not ask for Admin authorisation right then and their so I don't have to log out and then re-log in as Admin.  Other programs allow this all the time.  Would make the experience more streamlined and easier.

:1004567


This thread was automatically locked due to age.
  • 0

    This is likely a security issue, as the local scan is long-running and is being granted administrator access from userspace.

    A simple workaround is to create a custom scan of the local drives; that appears to work from a standard account.

    Funny; I don't recall seeing that message before; I'm pretty sure it used to let you scan as current user or authenticate as an administrator.

    As another workaround, you cal follow this hint for running software as another user.  Note the security warnings this article highlights... these are the reasons we don't just let you authenticate as admin.

    :1004571
  • 0

    Thanks.  I've run it as a custom scan and it didn't give me any message about needing to be logged in as the admin to scan the full disk.  However, I can't tell if it is scanning the full disk as I don't know the number of files across the whole disk.  Is there an easy way to tell if the custom scan is accessing all parts of the disk by looking at the logs?

    :1004583
  • 0

    I guess the easiest way is to check the scan log, which I believe logs files it is unable to open.  If there are no errors, then you've likely scanned them all.

    Of course, with fast user switching, it's trivial to log in as an admin user while you're still logged in in your other account... that method is preferable to the task.

    :1004591