afongen
Sam Buchanan's weblog.

ClamXav, and don't run as admin

I've been asked a couple times recently about virus protection for Macs. There are several commercial options, but I'm inclined to use ClamXav, a free virus checker that uses the open source ClamAV antivirus engine.

You can gain some additional protection by not logging in with an administrator account. Doing this reduces the impact that an attack can have. The account I use every day has no special privileges. I've set up a separate user that exists solely as an administrator account. When I need to install software, the GUI installer prompts me for the admin username and password. From the command line, I just use sudo for everything, and occasionally su when there's a lot of typing involved.

This is nothing new to security-minded folks, but even some long-time Unix users who wouldn't dream of logging in as root don't think about it on their Mac. It took me a while to make this switch, even after I decided it was a good idea.

It's also worth noting that you can and should avoid running as admin on Windows. Aaron Margosis has put together a page with what you need to know to run Windows as non-admin.