Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

OSX file sharing permissions

D

Drew80

macrumors newbie
Original poster
Jan 11, 2013
7
0
Hey everyone,
I'm still using an old Snow Leopard install on my Mac Mini, and I have a file sharing issue that I've been playing with for hours now. I have a folder on the server that I want to share across my network, but only to certain users (really just myself). I have file permissions for Everyone set to "No Access" and RW access for myself. I have guest access disabled.

Guests can't see any shared folders, as intended, but my wife can still log into the server and not only see the folder but get full write access. Does Snow Leopard just not respect file permissions?
 
RE: permissions, servers, file sharing...

Hi Drew80,

I don't know how "big", in size, is the folder that you are trying to share, but if there are a significant number of files/folders in it then you may have to wait some time before it becomes available. Basically, if you recently changed the permissions to give yourself R/W, then the server has to propagate those permissions to all files/subdirectories in the share before they actually become available to you. Depending upon the size of the share and the number of files, this can potentially take hours.

...just a thought...

Regards,
Switon
 
switon said:
Hi Drew80,

I don't know how "big", in size, is the folder that you are trying to share, but if there are a significant number of files/folders in it then you may have to wait some time before it becomes available. Basically, if you recently changed the permissions to give yourself R/W, then the server has to propagate those permissions to all files/subdirectories in the share before they actually become available to you. Depending upon the size of the share and the number of files, this can potentially take hours.

...just a thought...

Regards,
Switon
Click to expand...

It's large in total size, but there aren't many files or folders. The files are just big.

If it were a propagation issue, I would expect that I might not have access while it's resolving that, but I would never expect my wife to have access when permissions for Everyone are set to 0.
 
RE: does your wife...

Hi Drew80,

Does your wife own the files or belong to the same group? Is she sharing using a different protocol, perhaps SMB? How is she mounting the shares?

ACLs and POSIX permissions are different and slightly complementary and contrasting. Take a look at the actual ACL permissions on a file that your wife has access to with the Terminal command:

ls -ale <filename>

where <filename> is the filename of a file that your wife can read and write. Are there "inherit" privileges on the directory/subdirectory?

Good luck,
Switon
 
switon said:
Hi Drew80,

Does your wife own the files or belong to the same group? Is she sharing using a different protocol, perhaps SMB? How is she mounting the shares?

ACLs and POSIX permissions are different and slightly complementary and contrasting. Take a look at the actual ACL permissions on a file that your wife has access to with the Terminal command:

ls -ale <filename>

where <filename> is the filename of a file that your wife can read and write. Are there "inherit" privileges on the directory/subdirectory?

Good luck,
Switon
Click to expand...

She's accessing the server via the shared section in Finder, so (afaik) that's AFP.

Even if she belonged to the same group, I have group permissions disabled. The shared folder is set to 700. Just as a sanity check, I did a chmod -R 700 on all subfolders and files within the shared folder. Still full access from my wife's computer.

WTF :confused:
 
RE: ACLs vs POSIX...

Drew80 said:
She's accessing the server via the shared section in Finder, so (afaik) that's AFP.

Even if she belonged to the same group, I have group permissions disabled. The shared folder is set to 700. Just as a sanity check, I did a chmod -R 700 on all subfolders and files within the shared folder. Still full access from my wife's computer.

WTF :confused:
Click to expand...

This is why I suggested that you check the ACLs and not just the POSIX...

Switon
 
One thing I just found that might be a factor -- this is an external drive.
 
I checked the ACLs on the shared folder and the files within, and there are no rules set up. So no, there's isn't an inherit going on.
 
As another sanity check, I set permissions to 600, and no one could access the folder. It appears that any user hitting a shared folder that is on an external drive accesses that folder as the owner.
 
RE: file sharing and server software...

Hi,

I'm not certain just what options you have for file sharing without the server software since I use the server software for my shares. But with the server software you can control things like this, i.e., when a user mounts the share they are considered to be the owner. This can be turned off in the server software too, but I'm not sure it can be turned off in the non-server Mac OS X file sharing.

Switon
 
this may sound silly, but is Ignore ownership on this volume checked for the external drive?
 
ZMacintosh said:
this may sound silly, but is Ignore ownership on this volume checked for the external drive?
Click to expand...

It actually wasn't originally, but I fixed that early in the thread. Still no luck.

I'm leaning toward this being a bug in Snow Leopard. I have all permissions set correctly, and the volume is explicitly set to NOT ignore ownership, and anyone is still allowed to view this folder. Don't see another explanation.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back