Cookie Tin Tips IV

This series is directed to potential switchers. It's about Unix. Remember when reading that Unix is considered more than an operating system: it's a way of thinking.

Where Things Go

Get It Try It

This part of the series is about how you treat software on your OS X computer.

1. The operating system is in '/System'. Don't ever go there. Don't let anyone else go there either.

2. Apple's own applications are in '/Applications'. Let Apple put their stuff there. But unless you have multiple physical users on the box and you really know what you're doing, don't you - and don't let any software either.

3. Your home directory is the proper place for everything you add on.

More about #3 above: your system will not come default with an '~/Applications' directory but the system is geared to expect it. So create it - right now if you already have an OS X box. Do this either through your file browser or from the Unix command line. It's painless either way.

% mkdir ~/Applications

Your system will automatically look for things in a lot more locations than you could ever have been aware of; the ACP application Lightman will list them all.

In addition: the system is 'smart' - 'artificially intelligent' - in that every time you run an app it remembers where that app was located. Odds are you'll never need to use a full path to invoke a GUI app: the system will already know.

The cache for these paths is located in the following file. It's binary, so don't try reading it - although you could try with a hex editor or with the ACP application Xstrings.

/Library/Caches/com.apple.LaunchServices.LocalCache.csstore

So yes - there's a special genie running called the launch services that takes care of remembering where everything's located so you never have to bother about it again.

Protect Your Password

Beware of installers for new applications that want your administrative password. Your password escalates them to root to do things to your computer you will not normally do yourself. And you'll have little clue what they did and have it rather hopeless to track them down.

Thus it's best to not use software that has an installer. And if the app does have an installer then rush it right to the Trash if it asks for your password.

Trusting no one is a good way to survive; what's also important is to understand that malfeasance need not be behind it all - it could be just ordinary stupidity - and when you venture into sensitive system areas you run risks.

Unix is secure - but its security depends on you being careful. If you want to shoot yourself in the foot and are really bent on the idea then sooner or later you'll find out how - and guess what happens then?

You should always have the option to put your new software anywhere you please - and then choose '~/Applications' or a subfolder thereof as the appropriate location.

There are exceptions to every rule and to these rules as well but if you don't know what you're doing then don't break the rules.

Tracking

Another good rule when installing new software is to remember you can in essence track everything that happens on your system without lifting a finger and without investing in any protective software.

1. If you don't give in and give away your password then no installer can hurt you.
2. If you make the following preparations before you begin then no app can either.

As soon as you've downloaded any new software, disconnect from the net and any network connections you have. Make sure you're running standalone.

Do not open or create any new files. As a final precaution: find the file you downloaded and issue the following command from Terminal.

% touch <file you downloaded>

This will give the file the current time. You will need this later.

Now run your 'install' or actual app as the case may be. If there was an installer and you decided to go ahead anyway (and hopefully did not give away your password) then run the actual app when you are finished. Then go back to Terminal and do the following.

% sudo find / -newer <file you downloaded> >newer.txt

When you get the command prompt back again the results will be in the file 'newer.txt'.

With the '-newer' switch find looks for all files newer than the one you specified - in this case the file you downloaded, which should be the newest file on your system until you ran the app and its installer.

Thus newer.txt will tell you everything that has happened since. You need no more to track down any possible damage (infiltration) the new software has attempted.

You can ignore what you find at the path /dev but everything else is something to look closely at - everything else is something in your file system that was put there or modified by the new software.

If you want to remove the software then newer.txt is where you should look. You might move the file into the 'Contents' directory of the app: if you want to uninstall, it's right there at your disposal; if you move the app, it follows along. It's all you need and the ultimate defence against malfeasant or dumb software.

Caches

Now and again you might need to clean your caches. As time goes on your system will remember a lot of apps running at a lot of locations that no longer exist.

This is how you clean the caches.

1. Clean them.
2. Reboot immediately.

The caches are located at the following paths.

/Library/Caches
/System/Library/Caches
~/Library/Caches

You don't need to destroy the directory structure when cleaning the caches, but you do need to be root, so using 'sudo' is necessary. Your command line will be the following.

% sudo rm /Library/Caches/* /System/Library/Caches/* ~/Library/Caches/*

As soon as you have done the above - reboot ASAP. Immediately.

Select 'Restart...' on your Apple menu and hold down '⌥' ('option'); the system will reboot without a prompt.