---

BSD and Mach

The Mac OS X kernel—the heart of the operating system—is built from BSD and Mach. Among other things, BSD provides basic file system and networking services and implements a user and group identification scheme. BSD enforces access restrictions to files and system resources based on the user and group IDs. Mach provides memory management, thread control, hardware abstraction, and interprocess communication. Mach enforces access by controlling which tasks can send a message to a given Mach port, where a Mach port represents a task or some other Mach resource (see “Mach Port Rights” for a discussion of Mach ports). BSD and Mach are both critical to enforcing local security; if you can break the security provided by one, you can break the other as well.

BSD security policies and Mach access permissions constitute an essential part of security in Mac OS X, but fall far short of all the capabilities that are needed. For example, although BSD can restrict access to a file to a particular user ID, it provides no facility for checking passwords or otherwise verifying that the person or process using that ID is who they claim to be. Similarly, once Mach has given the rights to one task to control another, it cannot restrict the data or features the controlling task can access.

It’s important to note that BSD and Mach access permissions are enforced by the operating system and therefore affect every process running in Mac OS X. In contrast, application-defined security policies must be enforced by those applications. The Mac OS X security APIs discussed in this document are available for that purpose.

For more information about the roles BSD and Mach play in Mac OS X, see Mac OS X Technology Overview. For a more detailed description of Mach and BSD access permissions, see “Mach Port Rights” and “BSD.”

---