Sharing only ONE folder with the network...even to admins?

Discussion in 'Mac OS X Server, Xserve, and Networking' started by Taustin Powers, Jul 10, 2008.

  1. macrumors regular

    Joined:
    Apr 5, 2005
    #1
    I'm trying to share one folder on my Mac Pro with the other Macs in my household. But when I enable file sharing, it automatically opens the entire computer to all the admins in the network. I have found no way to restrict this and make only the shared folder accessible for admins yet....

    Help?
     
  2. macrumors regular

    Joined:
    Jan 6, 2008
    #2
    Are all of the admin accounts located on the Mac Pro? If so you might want to consider changing that because having that many people with admin access probably isn't the best idea. Especially since users with admin accounts can jack with the root account. I can't think of a way to set permissions on a certain part of the file system to restrict "certain" admins. Moreover, that wouldn't make much sense from a security point of view.
     
  3. thread starter macrumors regular

    Joined:
    Apr 5, 2005
    #3
    We have three Macs in the household, and each of them has one admin account.

    I want to share one folder of my Mac Pro with the other two computers (iMac and MacBook). But when someone logs into the other computers with an admin account, they automatically have access to my entire hard drive.

    What I would want to do is restrict the access to my Mac Pro to only one folder, for EVERYONE, including other admins. I just don't like the idea of my whole hard drive being accessible from another computer, no matter who uses it.
     
  4. macrumors 6502

    Joined:
    Jul 29, 2004
    #4
    What OS are you running on your machines/other machines/server? Are they part of a domain, i.e., authed against a server rather than local? How do the other users log into your mac (I assume they use their login info?) Are we talking about AFP shares or SMB?
     
  5. macrumors 68040

    tobefirst

    Joined:
    Jan 24, 2005
    Location:
    St. Louis, MO
    #5
    If you're still running Tiger, SharePoints worked well for me in the past. It doesn't appear they have a Leopard version, though.
     
  6. thread starter macrumors regular

    Joined:
    Apr 5, 2005
    #6
    Running Leopard on all machines.

    The MacBook finds the Mac Pro automatically, and when I log in with the MacBook's admin user name & password, I get full access to the Mac Pro's hard drive, even though no account with that name has been set up on the Mac Pro.

    This from OSX help:

    "Users you have set up with accounts in Accounts preferences can access your computer by connecting to it over the network. A user with an administrator account can access your entire computer."

    This is what's happening. An admin can access my entire computer as soon as I enable file sharing, no matter what.

    Is there a way to work around this?
     
  7. macrumors regular

    Joined:
    Jan 6, 2008
    #7
    I just tried logging in to my iMac using the admin account that I have on my PowerBook and no such luck. Everytime I do it the account needs to exist on the computer you are connecting too...

    I believe the quote you cited is refering to admin accounts on the local machine. Are you just running regular OS X on the pro?
     
  8. thread starter macrumors regular

    Joined:
    Apr 5, 2005
    #8
    Yep, just regular OSX.

    And there is no account of any sort with the MacBook's admin user name on the Mac Pro. But on the MacBook, when I say "Connect As...", and I put in the MacBook's admin user name, I get full access.
     
  9. macrumors 6502

    Pigumon

    Joined:
    Aug 4, 2004
    #9
    Do you have accounts for every other computer set up on your mac pro?

    If you have the Mac Pro with just one admin account, and no others, and a different password than all the others, you should be able to restrict access to just the folder you want.

    But if you have multiple accounts set up on the Mac Pro that match the other computer's accounts, then they can just sign on with their account name and password.
     
  10. macrumors regular

    Joined:
    Aug 20, 2007
    Location:
    In the snow with Rosebud
    #10
    Hi there. I am having the same issue as the OP. I'm just curious about this issue because (naturally) I'd like to control access to my files as much as possible. I just got a MacBook this week and networked it with my iMac. I was sharing files via the drop box and screen sharing via iChat without too much trouble. When I booted up my macs this evening, I found that I had unlimited access to the entire HDD of both computers via the network. This is actually desirable in my case, but I have a roommate with a powerbook and Leopard. We networked our computers and can only share via the public folder. Why the difference i wonder?

    When I set up the connection between my MacBook and my iMac I used my admin password. Is this the issue? Let's use "joust" as an example. I log in to both computers using the same username and "joust" as the password. I also used "joust" as the password that must be entered to connect over the network. Is this what is allowing full administrator access via the network.

    Had I used the password "coleman" instead of "joust" when creating the Sharing Only account, would my other computer have limited access to shared folders only? At this point, I only have Drop Box listed as a shared folder. It isn't affecting a thing.

    Sorry to revive a month old thread with a newbie question, but I'd like to learn more. If you have any thoughts, I'd really appreciate it

    Thanks!
     
  11. macrumors 68040

    tdhurst

    Joined:
    Dec 27, 2003
    Location:
    Portland, OR
    #11
    Ummm...

    Turn on file sharing and store the folder you want in your public folder. Have them login as guest.
     
  12. macrumors member

    Joined:
    Jan 4, 2008
    Location:
    Mayaguez, PR
    #12
    Here is a video I did on how to share only select folders or drives with a home network so that the users can only access a certain folder rather then the admins have full access to the entire hard drive it self. Hope that helps ya out.

    http://www.youtube.com/watch?v=sh0RIlCsH6w
     
  13. macrumors regular

    Joined:
    Aug 20, 2007
    Location:
    In the snow with Rosebud
    #13
    Thank you, that does help. I was getting mixed up because sometimes I would connect to my other computer using my admin username and password instead of the username (short name) and password that I used to create the sharing only account. Don't want people accessing my hard drive and finding anything...unsavory. Thanks again!
     
  14. macrumors member

    Joined:
    Apr 17, 2007
    Location:
    NC USA
    #14
    Exactly what I was thinking. Great minds... :cool:
     

Share This Page