This is probably the most in-depth analysis of Mac OS X security I’ve ever read. It’s a worthwhile read. I was especially fascinated by the last section on preventative measures because we’ve spent so much time on this stuff in Windows Vista, and it’s all enabled by default, yet Apple has chosen to not do this work. Hhhmm, I wonder why?
You can get the document from here.