13.3. File Security Fundamentals

Before we dive into how to properly secure file services, let's discuss some fundamentals of file security in Mac OS X. This will include the LKDC, POSIX and ACLs (covered more fully in Chapter 4).

13.3.1. LKDC

Because Apple is concerned about protecting peer-to-peer environments just as much as client-server environments, it has equipped every copy of Mac OS X with a Kerberos Local Key Distribution Center (LKDC). The LKDC, based on a Kerbeross authentication scheme, (Kerberos is discussed in Chapter 16) secures AFP, CIFS (Samba), and VNC services (VNC is covered more in Chapter 15). The LKDC implementation helps to secure communications, because it requires the nodes communicating with one another to prove ...

Get Enterprise Mac Security: Mac OS X Snow Leopard now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.