su: who are you?

Friday, March 31, 2006, at 02:45PM

By Eric Richardson

I'm still getting the NAT stuff set up on the xserve, and haven't even touched traffic shaping yet, but I was pretty amazed by how I managed to break things in the process of setting up a stateful firewall on OS X.

Apparently if you forget to allow connections via localhost, OS X sort of loses it. And I mean this to the extent that when logged in as admin, you no longer have an identity. su asks you who you are.

I guess I hadn't considered the ramifications of directory authentication, even when you're not doing remote stuff.