File Sharing is sharing too much!

I have solved the problem on my own: On my MacBook Pro, I explicitly disconnected from the MacMini, and then reconnected, still as user "tauchris", which has Administrator privileges. Once I did that, the "wasserham" home folder share disappeared, and was replaced by "Macintosh HD", through which I can browse everything. When browsing down into other users' home directories from the "Macintosh HD" share, I was correctly denied access into folders owned by other users with permissions set to exclude group/other access. So, now things look as they should have looked in the first place, and all is well.

I read this positive proof that there was some bug in file mounting or file sharing, which was cleared up by essentially resetting the remote mount (by disconnecting and reconnecting, without making any other changes on either the client or the server).

Linc, I appreciate your having taken the time to respond, despite the fact that your comments sounded pompous and dismissive, and that your advice was ultimately incorrect.

Thanks for the reply Linc. I am indeed connecting to the fileserver host (MacMini) using an account that has admin privileges on that box. But why do I only see this one account's home directory? There are other accounts on that same host (some with admin, and some without), which are not showing up? Is it showing the "wasserham" home folder because that user owns the "Scanner Inbox" folder that I've shared?

And in any case, is there any way to stop "wasserham" from showing up? It's strange-- I have more privileges through the network mount than I do when I'm logged directly into MacMini as admin. I.e., when I'm directly logged in (as an admin-privileged user), I can't even look inside subfolders of the "wasserham" home folder (other than by opening a shell and using "sudo", which is logged). But over the network, I can not only look through every file in the "wasserham" home folder and all its subfolders, but also directly edit files there-- even if the file permissions are 0700 or 0500 (no perms for group/other). This seems wrong, or at the very least, inconsistent with generally-accepted security practices for shared folders... I sure would like to stop it.

Thanks again, Linc. I'm afraid this doesn't answer the question.

Let me try asking it a different way. On my MacMini, I have two login accounts with administrator privileges, and two "standard" accounts without admin privileges. The standard/non-admin accounts are "wasserham" and "standardsam". (I just created "standardsam" to help explain the issue.) When I connect to my MacMini from another computer using an administrator login, I see the folder I have explicitly shared (Scanner Inbox), and I see Standard Sam's Public Folder (and only his public folder). But for "wasserham", I see the entire home directory, and I have full privileges to read, write, create, and delete anything anywhere in "wasserham".

So the question is Why? I can't be simply because I'm using an administrator account-- if that were true, I should be able to see Standard Sam's entire home folder, but I cannot.

Thanks for your help! Looking forward to hints or advice from anyone who knows what's going on here. 🙂

Thank you Drew-- I didn't notice that I was connected with different credentials before and after the disconnect. This makes some sense. The gmail creds tell me I must have connected with my AppleID at some point (though I don't recall having enabled that). I use the same AppleID for iCloud in the "wasserham" account, so it makes some sense that I'd have access to that home folder. However, I also use that same AppleID for iCloud in two other accounts on the MacMini, and they did not show up. So, your observation is very helpful, and I think you have gotten me much closer to the truth than anything else I've seen or done thus far. But it's still a bit mysterious and inconsistent.

In any case, disconnecting and reconnecting did resolve this issue completely. Thanks!