9 Replies Latest reply: Sep 1, 2008 3:46 PM by thre3dee
thre3dee Level 1 Level 1 (0 points)
Hi,

I've recently moved from a Vista gaming rig to a nice little silent Mac mini 2GHz with Leopard and have a problem with user permissions on my main external FireWire 750Gb disk.

As I like to keep most of my 'files' on my non-OS disk and have a backup on another disk (Time Machine is taking care of that now :D), I have my Media, Software and Files (my files) folders in the root of this external disk.

I have an extra 'Guest' user account (an actual non-admin account, not the Guest User account as sessions aren't persistent I believe) however I'm unable to completely block this user from accessing the 'Files' folder on my external disk. The other two main folders are not personal and are fine.

I can set the Guest permissions to read-only but if I try and remove the user or grant No Access (as well as giving 'Everyone' no access) I can't remove the user from either my (admin) account or the Guest account.

So at the moment the Guest account is still granted read access to my personal files! How do I remove access altogether to everyone except me on this external FW disk folder. Its in Mac Extended format btw.

On Vista this was as simple as removing everyone except me from the Security tab in the folder's properties. Why is this so difficult in Leopard?

edit** woops it went in the time machine forum.

Mac Mini 2GHz 2Gb DDR2, Mac OS X (10.5.4)
  • joshz Level 4 Level 4 (3,280 points)
    What is the name of your external drive, as well as the name of the folder with your personal files in it?

    If you give me those, I'll write a terminal command for you to change permissions so that only you can have any access to your files.

    Good luck!
  • thre3dee Level 1 Level 1 (0 points)
    Hi joshz

    Drive is 'Data' and folder is 'Files'. Is chmod what you're thinking? I didn't think of looking for a term command.

    Cheers.
  • joshz Level 4 Level 4 (3,280 points)
    > Is chmod what you're thinking?
    Yup.
    Open Terminal, and paste the blue text, one line at a time, in.

    The first command removes any ACLs that the system put in (that's how leopard attempts to manage permissions).
    chmod -RN /Volumes/Data/Files/


    The second command changes file permissions so that you have read, write, and execute access, and everyone else has no access.
    chmod -R 700 /Volumes/Data/Files


    That should take care of it for you.


    That won't work, since anyone can check "Ignore ownership and permissions on this volume" in the drive's get info pane to ignore any permissions you set up-there's no way to stop it, AFAIK.

    You could make an encrypted disk image and put your files in that-you need a password to open it. (But it would probably be a good idea to not remember the password in keychain.

    Message was edited by: joshz

    Message was edited by: joshz

    Message was edited by: joshz
  • Glenn Carter Level 4 Level 4 (3,360 points)
    I don't get it:

    You say, "I can set the Guest permissions to read-only but if I try and remove the user or grant No Access (as well as giving 'Everyone' no access) I can't remove the user from either my (admin) account or the Guest account."

    If you can successfully change the Guest account to "No Access" then you're done, you don't need to remove them any further.
  • thre3dee Level 1 Level 1 (0 points)
    well in the Everyone entry I can change it to No Access but the Guest only has Read/Write but no No Access choice and the remove button is disabled.
  • V.K. Level 9 Level 9 (56,130 points)
    you should be able to do it using the permissions section in "get info" panel. if that doesn't work, use the terminal comands that josh gave you they will work just fine.

    chmod -RN /Volumes/Data/Files

    chmod 700 /Volumes/Data/Files


    josh was wrong about disabling ownership on the drive. it can only be done with an admin password.

    one caveat. the external drive has to be formatted Mac Os extended.
  • joshz Level 4 Level 4 (3,280 points)
    josh was wrong about disabling ownership on the drive. it can only be done with an admin password.

    Really?

    I wasn't aware of that.

    Thanks for letting me know!

    BTW, V.K., I need some help with http://discussions.apple.com/message.jspa?messageID=7994571

    Message was edited by: joshz
  • V.K. Level 9 Level 9 (56,130 points)
    hi josh,
    I looked at that thread and you seem to be doing the only thing possible. i don't know why it wouldn't work. I must say I don't have any kind words for the OP in that thread. he pretty much got what he deserved - a nonfunctional system for messing with the OS with no understanding of what he was doing, no functional backup and no install DVD.
  • thre3dee Level 1 Level 1 (0 points)
    The chmod -RN flag didn't seem to work so I just did chmod 0 Files and that cleared all access then added myself through Get Info and the folder is now inaccessible for guest. Thanks for the help.

    Cheers