5 Replies Latest reply: Sep 4, 2007 4:30 PM by red_menace
Thompsound Level 1 Level 1 (5 points)
Good Evening,

I have 3 accounts on my Powerbook. Mine (the administrator), my partner's and our boy's.

The thing I don't get is that when I went to 'Users' earlier to access something from my partner's account I only had access to 'Public' and 'Sites' and not 'Desktop', 'Music', 'Movies' etc...

My access to our boy's account seems unlimited.

Thing is, when my partner is logged in, she is able to access ALL of my account - even though I am the administrator. Same with our boy's account - he has full access to all my files!

Any suggestions? It seems ludicrous that others can access the administrator's account but the administrator can't access other people's accounts.

Many thanks,

Billy.

15 Powerbook 1.5Ghz, Mac OS X (10.3.9), Lower memory slot not working.
  • 1. Re: I've no access to other accounts but other accounts can access mine!
    baltwo Level 9 Level 9 (60,115 points)
    Normally, no one should be able to access another's account information, via the GUI (graphical user interface); although, there are ways via the Unix command line interface for admin users/super users to do that. Need more details. Are your partner's and son's accounts admin user accounts? What are the ownership and permission settings on all three accounts? Open /Users, select one, and CMD+I to determine.

    Finally, click on the Desktop, Finder->Help->MacHelp->Index and search for accounts to see the details.
  • 2. Re: I've no access to other accounts but other accounts can access mine!
    Thompsound Level 1 Level 1 (5 points)
    Thankyou for the response Baltwo,

    Are your partner's and son's accounts admin user accounts?


    No.

    What are the ownership and permission settings on all three accounts?


    On the Administrator's account (me) they are:

    Owner: BT
    Access: Read & Write

    Group: BT
    Access: Read & Write

    Others: No Access - This was previously set to Read & Write so we've sorted that out - thankyou very much.

    On our lad's account it reads:

    Owner: BT
    Access: Read & Write

    Group: Admin
    Access: Read & Write

    Others: Read & Write

    This account is fine and how I want it.

    On my partner's account it reads:

    Owner: BT
    Access: Read & Write

    Group: rhirhi
    Access: Read & Write

    Others: Read only

    Thing is (and this is the account my partner wants me to have access to now and again (she has privacy on our other Mac!)) when I click the unlock button and change it to how our lad's account is it clicks straight back to the above settings when I re-click the lock.

    Hope you can help some more.

    Thanks again,

    Billy.
  • 3. Re: I've no access to other accounts but other accounts can access mine!
    baltwo Level 9 Level 9 (60,115 points)
    There's a disconnect here. Each account should be owned by user, not you (BT). Non-admin accounts shouldn't show Admin as group, but the lad's account shows you as owner and group as Admin. Additionally, Others should be read only on all accounts. What you can do, as admin, is delete the screwed up accounts, saving the data, recreate the accounts as desired, log into them, mount the appropritate saved data disk in /Users/Deleted Users/, and copy the stuff back.
  • 4. Re: I've no access to other accounts but other accounts can access mine!
    Király Level 6 Level 6 (9,475 points)
    Somehow, the permissions settings on your home folder's subfolders got hosed. This can happen if you delete them and then manually recreate them.

    You can fix it by logging in to your user account, opening Terminal, and entering this:

    chmod go-rwx ~/Documents ~/Movies ~/Library ~/Pictures ~/Desktop

    Other users should now be locked out of all of those.
  • 5. Re: I've no access to other accounts but other accounts can access mine!
    red_menace Level 6 Level 6 (14,615 points)
    Sounds like the permissions have been changed - for example, access allowed for the admin or an old user's group. Normally, a user (even an administrator) does not have access to another user's files. You don't go into another account to get files, that is what the Shared and Public folders and drop boxes are for:

    The /Users/Shared folder is used to share files between all users (it has read/write access by others), and a user's Public folder is for (read only) files that the user wants to share with others. The drop box in a user's Public folder is to pass files to that particular user.

    Check the permissions of various user folders - normally they are:
    The /Users folder is owned by the system, with read/write access for the admin group and read only for others.
    A user's home folder has read/write permissions for the owner, and read only for their group and others (read only is to allow access to their Public and Sites folder).
    The Public and Sites folder in a user's home folder has read/write permissions for the owner, and read only for their group and others.
    All other folders in a user's home folder have read/write permissions for the owner, and no access for group or others. Note that if folders or files are added to the root level of a user's home folder, the permissions should be changed to no access by group or others, otherwise they can be read by others (folders inherit the same permissions of the user's home folder).