In a related development on this blog entry about various layers of operating system security, it would appear net-security.org saved me the extra work of outlining ways to further secure a Mac running OS X. I'm glad 'cuz they obviously know their stuff, and I don't. heh.
I would invite Windows users of all flavors to post similar pointers to their favorite geek forums, or as replies to this post.
One thing the PDF doesn't appear to mention is Mac OS X's very interesting user access restrictions: Apple Menu --> System Preferences --> Accounts . From there you can either create an account to play around with, or select an existing account you're not logged into. Select Account --> Limitations Tab --> Check "This user can only use these applications:" box. We're talking here about defining a list of applications the user may launch. Combine that with making the user a non-administrator user who can only write to their home directory, and you have yourself a very powerful way to further limit the amount of damage that can be inflicted upon your Mac. If I was in charge of a School Computer Lab, or, say Corporate IT in an industry where computer usage is very-much restricted to a set of a few basic apps, I so would leverage the crap out of this feature. It is truly cool.
I'm all about use cases, so I created "user DZ", set those restrictions and set myself to do what an average luser would do: download and install LimeWire. Here's a screenshot of what happened 8). update: fixed the screenshot link