Setup guide

UNCLASSIFIED

Introduction

The purpose of this guide is to provide an overview of Mac OS X v10.3.x “Panther”

operating system security and recommendations for configuring the security

features. This guide provides recommended settings to secure systems using this

operating system, and points out problems that could cause security concerns in

systems using this operating system.

This document is intended for anyone managing a locally-administered Apple Mac

OS X v10.3.x system. It is assumed that anyone using this guidance will have some

experience using Mac OS X, and understands the basics of the Mac OS X user

interface.

Some instructions within this guidance are complex, and deviation could result in

serious adverse effects on the system and its security. Modification of these

instructions should only be performed by experienced Mac OS X administrators, and

followed by thorough testing.

Getting the Most from this Guide

The following list contains suggestions for successfully using the Apple Mac OS X

Security Configuration Guide:

• Read the guide in its entirety. Subsequent sections can build on information

and recommendations discussed in prior sections.

• This guidance should always be tested in a non-operational environment

before deployment. This non-operational environment should simulate the

architecture where the system will be deployed as much as possible.

• This guidance is intended primarily for a locally-administered Mac OS X

system. Much of the guidance may still be applicable even for a Mac OS X

system being managed by another server. If the system being configured will

be centrally managed by another system, the guidance given here should be

followed as closely as possible within that context, but some guidance may not

be applicable.

• Any deviations from this guidance should be evaluated to determine what

security risk that deviation may introduce, and measures should be taken to

monitor or mitigate those risks.