Cookie Tin Tips IV

This series is directed to potential switchers. It's about Unix. Remember when reading that Unix is considered more than an operating system: it's a way of thinking.

Where Things Go

Buy It Try It

This part of the series is about how you treat software on your OS X computer.

1. The actual operating system itself is in '/System' - don't ever go there and don't let any software go there either.

2. Apple's own applications are in '/Applications'. Let Apple put their stuff there, but unless you have multiple physical users on the box and you really know what you're doing, don't you - and don't let any software either.

3. Your home directory is the proper place for everything you add on.

More about #3 above: your system will not come default with an '~/Applications' directory, but the system is geared to expect it. So create it - right now if you already have an OS X box. Do this either through your file browser or from the Unix command line. It's painless either way.

% mkdir ~/Applications

Your system will automatically look for things in a lot more locations than you could ever have been aware of; the ACP application Lightman will list them all.

In addition, the system is 'smart' - 'artificially intelligent' - in that every time you run an app it remembers where that app was located. Odds are you'll never need to use a full path to invoke a GUI app: the system will already know.

The cache for these paths is located in the following file. It's binary, so don't try reading it - although you could try with a hex editor or with the ACP application Xstrings.

/Library/Caches/com.apple.LaunchServices.LocalCache.csstore

So yes, there is a special genie running called the 'Launch Services' which takes care of remembering where everything is located so you never have to bother about it again.

When you get new software, beware of installers that want your administrative password. With this password they can in effect escalate to root and do things to your computer you will not normally do yourself, and you'll have little clue what they did and have it rather hopeless to track them down.

Thus is is best to not use software that has an installer, and if the app does have an installer, rush it right to the Trash if it asks for your password.

Trusting no one is a good way to survive; what's also important is to understand that malfeasance need not be behind it all - it could be just ordinary human dumb stupidity - when you venture into sensitive system areas you run risks.

Unix is secure, but its security depends on you being careful. If you want to shoot yourself in the foot and are really bent on the idea, sooner or later you will find out how - and guess what happens then?

You should always have the option to put your new software anywhere you please - and then choose '~/Applications' or a subfolder thereof as the appropriate location.

There are exceptions to every rule, and exceptions to these rules as well, but if you don't know what you're doing, don't break the rules.

Another good rule when installing new software is to remember you can in essence track everything that happens on your system without lifting a finger and without investing in any protective software.

1. If you don't give in and give away your password, no installer can hurt you.

2. If you make the following preparations before you begin, no app can either.

As soon as you've downloaded any new software, disconnect from the net and any network connections you have. Make sure you're standalone.

Do not open or create any new files. As a final precaution, find the file you downloaded and issue the following command from Terminal.

% touch <file you downloaded>

This will give the file the current time. You will need this later.

Now run your 'install' or actual app as the case may be. If there was an installer and you decided to go ahead anyway (and hopefully did not give away your password) then run the actual app when you are finished. Then go back to Terminal and do the following.

% sudo find / -newer <file you downloaded> >newer.txt

When you get the command prompt back again the results will be in the file 'newer.txt'.

With the '-newer' switch find looks for all files newer than the one you specified - in this case the file you downloaded, which should be the newest file on your system up before you ran the app and its installer.

Thus newer.txt will tell you everything that has happened since. You need no more to track down any possible damage (infiltration) the new software has attempted.

You can ignore what you find at the path '/dev', but everything else is something to look closely at: everything else is something in your file system that was put there or modified by the new software.

If you want to remove the software, newer.txt is where you should look. You might move the file into the 'Contents' directory of the app: if you want to uninstall, it's right there at your disposal; if you move the app, it follows along. It's all you need and the ultimate defence against malfeasant or dumb software.

Now and again you might need to clean your caches. As time goes on, your system will remember a lot of apps running at a lot of locations that no longer exist.

This is how you clean the caches.

1. Clean them.
2. Reboot immediately.

The caches are located at the following paths.

/Library/Caches
/System/Library/Caches
~/Library/Caches

You don't need to destroy the directory structure when cleaning the caches, but you do need to be root, so using 'sudo' is necessary. Your command lines will be the following.

% sudo rm /Library/Caches/*
% sudo rm /System/Library/Caches/*
% sudo rm ~/Library/Caches/*

[You can put this in a single line script of its own of course: simply put it all on one line with semicolons separating the commands. Make sure to leave 'sudo' in each command. You can also preface 'sudo rm' once to all three paths on one line.]

As soon as you have done the above - a single line you can invoke (for example from within CLIX) will suit you better - reboot ASAP. Immediately.

Select 'Restart...' on your Apple menu and hold down the 'option' key; the system will reboot without a prompt.