laverne's mom wrote:
I guess what I don't understand is why it is different because in your admin account don't you also have to use your admin name and give your password to install a program?
OS X has four levels of "privileges"
Guest - nothing - deleted when finished
General User - just user files changes - no program installs
Admin User - almost all access - program install (drag and drop) - limited root user access (system wide installs) with sudo
Root User - turned off by default - ultimate and complete access to everything.
When you enter the Admin Username and Password, a Unix/Linux "sudo window" is created allowing temporary access to Root user privileges. It is closed after a time period. Sudo stands for "Super User Do" which "Super User is another name for the Root User.
To enable full Root user all the time, there is a special OS X procedure for doing so. Developers and programmers use it as it's too much trouble to be always using the sudo window to access root level files.
So the dangerous levels to be running while surfing the internet is Admin and especially Root user.
If a malicious program manages to run while your in Admin, it can write itself to the Applications folder perhaps do other nasty stuff, but without a sudo, it doesn't get Root access, with General User it has no access except to user files to delete, corrupt or load off site. Encrypted user files are not readable.