Your user account does not have permanently "active" administration privileges.
All actions that require elevated privileges require you to enter your password. If you weren't an administrator, you'd need to enter an administrator's user name and password instead.
These actions include:
- Modifying or setting permissions on files and folders you don't own or have sufficient permissions to
- Installing applications that require
root
privileges somewhere along the line (e.g. for driver installation)
- Changing any of the system preferences
- Executing command-line utilities with elevated privileges
Without entering your own account's password, you can do nothing that requires elevated privileges.
What appears to be "automatic privileges", such as the ability to write to /Applications
, is realized using group memberships. Your admin account is a member of the wheel
and admin
groups, and /Applications
is group-writeable for members of the admin
group. Very few locations in the system have privileges like these. Here, it's simply a convenience feature.
The difference between having one admin account, or a primary, regular account and a secondary admin account are basically the permissions you lose by missing out on some group memberships, and slightly more hassle with granting administrator privileges both in the GUI and on the command-line (sudo
doesn't work anymore, as you're not a member of wheel
).
2Malware makers have finally waken up to the fact that Macs are popular enough to be valid targets. Don't make their job easier. – Mark Ransom – 2012-01-18T21:44:11.217
@MarkRansom Could you point me to any evidence of that (both actual malware, and how having an Administrator account on OS X enables them? And I don't mean fake DivX installers where you need to enter your admin password to "install". A nine year old can do that. – Daniel Beck – 2012-01-18T23:01:04.913
@DanielBeck, sorry I don't have any direct evidence, I'm not a Mac user. I do know that recent contests to take over a machine have been won by someone attacking OS X. And surely there wouldn't be admin privileges if they weren't protecting something important, would there? – Mark Ransom – 2012-01-18T23:11:43.913
@MarkRansom There are (or were) remote exploits, e.g. weaknesses in Webkit and/or the image libraries, but they just get you onto the system with the current user's privileges, which, by default, aren't endangering the system. Regarding admin/user accounts, see my answer. It's largely the difference between entering your own password, or another user's, when prompted. If you're the only person using the machine, it doesn't make a difference. – Daniel Beck – 2012-01-18T23:22:05.083