If I set up an additional standard user on my Mac, can I restrict all or part of an external drive (backup drive) so they can't browse it from their login?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Restricting users access to external drive
- Thread starter GGJstudios
- Start date
- Sort by reaction score
open the Get Info window for the folder on your external hard drive that you want to restrict and under Sharing and Permissions give "No Access" to the standard user.
That was the first thing I tried, and what I wanted. "No Access" is only available as an option for "everyone", which apparently does not include the standard user. For the standard user, as well as "staff", the only options available are "Read & Write", "Read only" and "Write only (Drop Box)".
I want to be able to share some files on the drive, as needed, but leave the rest unavailable for even browsing. Also, I don't want the performance degradation that comes with encryption.
not sure sorry, hopefully a more experianced OS X user will hop on and help you. you might be able to do it in the Terminal.
"unrestrict" external drive
my ibook will see and connect to my xp pc and the segate external drive connected to it... my pc will see and connect to my ibook(desktop,documents,library,music,pictures) but the external drive connected to it(ibook) does not show up on xp pc... both external drives are fat32... do i need to create an "alias" or something like it?
my ibook will see and connect to my xp pc and the segate external drive connected to it... my pc will see and connect to my ibook(desktop,documents,library,music,pictures) but the external drive connected to it(ibook) does not show up on xp pc... both external drives are fat32... do i need to create an "alias" or something like it?
You may want to create a separate thread for your question, as it does not relate to the topic in this thread.
I made the mistake of posting this question too close to the WWDC and I think it may have gotten lost in all the excitement. Either that, or no one has an answer, but I thought it would be worth trying again, so forgive the bump.
I want to be able to share certain folders on an external drive with standard accounts on the same Mac. But I want other folders on the external drive to be hidden and restricted from even browsing by those standard users. Is this possible? I don't want the degradation in performance by using encryption, unless there's no other way.
In other words, I want to apply the same characteristics to other folders, even on an external drive, that exist on my Home folder, so when another account logs in, that folder isn't even visible to them.
How would I mount an external drive inside my Home folder? If that's possible, it might give me the effect I want, but I'm not sure how that would be accomplished.
Thank you! I think this is exactly what I was looking for! My very old and rusty UNIX memory is slowly being awakened. It's been too long since I worked extensively with Mac and NeXT computers!
Just to make sure I do this right, if I have an external drive called "Ext 200" and a folder on that drive is "Backup", and I want to give no access to that folder or its contents to anyone other than myself or the root (yes, I am the owner of all the files on the external drive), then the command would be:
chmod 700 "/Ext 200/backup" ???
I'm not sure how to deal with the spaces in the drive name in Terminal.
You escape the spaces with a backslash.
Your command would look similar to
Code:
chmod -r 700 /Volumes/Ext\ 200/BackupTo confirm the path, simply try a safe command BEFORE the above such as
Code:
ls /Volumes/Ext\ 200/BackupPlease understand changing permissions is not without risk. If any of those files are owned by a different user, you run the risk of not being able to change permissions back without using root...
I assume you mean a different user on the Mac. All files on the external drive were created by my user before I even set up another user on the Mac. And if something didn't work as planned, I could always log in as root and correct it, right?
Yes, I meant a different user and yes, root can fix any permissions issues.
Here's an example:
User Johnny owns fileX which has permissions of 764 (rwxrw-r--). Let's say the group assigned is people. Sally comes along, also in the people group, thinks she owns the file wants to lock out Johnny and changes permissions to 700. Now only Johnny has access to it! Whoopsy! - now Sally has to ask Johnny to restore it or log in as root and change it, hoping Johnny didn't notice...
OK, here's what happened. I used:
chmod -r 700 /Volumes/Ext\ 200/backup
As soon as I did, I got a response back: Permission denied
When I tried:
ls /Volumes/Ext\ 200/backup
I got: Permission denied
So I went to Finder, Get Info on the folder and it showed everyone, including me, only had Write (Drop box) privileges. So I clicked the lock, entered my password and changed my privilege back to Read & Write.
Then I logged in as the other (Standard) user and found they still had full access to the folder. So, while still logged in as that Standard user, I did Get Info, clicked the lock, had to enter my (Admin) login name and password, and changed that user's access to Write (Drop box). That locked the other user from being able to browse the folder, so I did the same for another folder they had access to. It worked!
So the path that worked for me was to log in as the other user, Get Info on the folder I want to change, click the lock and enter my Admin-level user name and password, and change the permissions.
I'm not sure why the chmod changed mine, too, but at least I got the result I eventually wanted. Thank you so much for your help!
chmod -r 700 /Volumes/Ext\ 200/backup
As soon as I did, I got a response back: Permission denied
When I tried:
ls /Volumes/Ext\ 200/backup
I got: Permission denied
So I went to Finder, Get Info on the folder and it showed everyone, including me, only had Write (Drop box) privileges. So I clicked the lock, entered my password and changed my privilege back to Read & Write.
Then I logged in as the other (Standard) user and found they still had full access to the folder. So, while still logged in as that Standard user, I did Get Info, clicked the lock, had to enter my (Admin) login name and password, and changed that user's access to Write (Drop box). That locked the other user from being able to browse the folder, so I did the same for another folder they had access to. It worked!
So the path that worked for me was to log in as the other user, Get Info on the folder I want to change, click the lock and enter my Admin-level user name and password, and change the permissions.
I'm not sure why the chmod changed mine, too, but at least I got the result I eventually wanted. Thank you so much for your help!
You're welcome? FYI, Those GUI changes you made to the permissions are doing chmod commands under the covers
Yes, I figured as much... I guess when there's questionable format involved, I'm better off letting the GUI write the command! (I THOUGHT I saw something moving under the covers! )
Hey, maybe you can help getting the single-window function back in Safari 4! I sure miss it!
)Hey, maybe you can help getting the single-window function back in Safari 4! I sure miss it!