About permissions and multiple user access

Discussion in 'macOS' started by Jiddick ExRex, Jan 22, 2007.

  1. Jiddick ExRex macrumors 65816

    Jiddick ExRex

    May 14, 2006
    Roskilde, DK
    I screwed up and gave both my mom and dad and myself administrator privileges when setting up their new iMac (which technically means they can **** it up without me knowing it. To my knowledge they alread have). Anyways, it's rather difficult to gain access to their folders and files seeing as the ownership and permissions differ depending on who made it. I just want to clear it up:
    What do the different permissions really mean in 'more details', ie. groups, owner, others...? What should the permissions be to be optimized (and not making sure that they mess up eachother's folders)??
  2. mkrishnan Moderator emeritus


    Jan 9, 2004
    Grand Rapids, MI, USA
    I don't think you should have to worry about any priviliges with respect to files inside their home directories. Or rather, don't touch those. Also don't touch /library (it seems like these should all be root:admin, but the last time I tried that, bad things happened! :( ), or /system.

    With respect to /applications, generally, this is also not an issue, but if you want, it is okay to set everything in there to belong to root:admin.

    But basically, all you have to do is log in from an admin account, select their accounts in system preferences -> accounts, and then change them to standard users. And you should be done.

    Generally, there are three aspects to file ownership and permissions:

    1) The owner -- the person who created the file, and the person who typically (though not necessarily) has the highest privilege level.

    2) The group -- this is a group of users who may be given privileges to the file, such as all administrators.

    chown is the command that handles owners and groups.

    3) Permissions -- there are three sets of permissions that specify what the owner, the group, and all others, respectively, can do to the file. These permissions address whether these individuals can read, write, delete, and/or execute the file.

    chmod handles permissions for the groups defined by chown as well as for all others. You can find tutorials about this -- there are several ways to set the privilege level for owner, group, and others.

    But generally, since any "installed" files that live outside the users' home directories are installed with admin privileges (e.g. to the apps folder), they are installed with the Admin group as well. Because of this, it usually doesn't matter who "owns" the file, and you really get no benefit from going through and changing ownerships.

    The major exception is when regular users need read/write access outside their home directory. This comes up in cases like that shared iPhoto library you were asking about. Then you have to plan it out carefully. Otherwise it generally doesn't matter.
  3. sarge macrumors 6502a


    Jul 20, 2003
    On my next machine

    Should I bother with setting an admin account? Everytime I load a new plug in or program, i seem to have problems. I usually load applications while logged in as the admin, but when I update them, the new plug-in's aren't always available to the standard user account.

    I just tried loading a PS camera raw plug and it's available when Iam signed in as the admin, but when open PS under my user account, there is a folder where the plug in should be denying me access to it.

    Does anyone have advice on the best way to manage loading new software and plug ins?

Share This Page