Sharing only ONE folder with the network...even to admins?

Discussion in 'Mac OS X Server, Xserve, and Networking' started by Taustin Powers, Jul 10, 2008.

  1. Taustin Powers macrumors regular

    Apr 5, 2005
    I'm trying to share one folder on my Mac Pro with the other Macs in my household. But when I enable file sharing, it automatically opens the entire computer to all the admins in the network. I have found no way to restrict this and make only the shared folder accessible for admins yet....

  2. myjay610 macrumors regular

    Jan 6, 2008
    Are all of the admin accounts located on the Mac Pro? If so you might want to consider changing that because having that many people with admin access probably isn't the best idea. Especially since users with admin accounts can jack with the root account. I can't think of a way to set permissions on a certain part of the file system to restrict "certain" admins. Moreover, that wouldn't make much sense from a security point of view.
  3. Taustin Powers thread starter macrumors regular

    Apr 5, 2005
    We have three Macs in the household, and each of them has one admin account.

    I want to share one folder of my Mac Pro with the other two computers (iMac and MacBook). But when someone logs into the other computers with an admin account, they automatically have access to my entire hard drive.

    What I would want to do is restrict the access to my Mac Pro to only one folder, for EVERYONE, including other admins. I just don't like the idea of my whole hard drive being accessible from another computer, no matter who uses it.
  4. Poeben macrumors 6502

    Jul 29, 2004
    What OS are you running on your machines/other machines/server? Are they part of a domain, i.e., authed against a server rather than local? How do the other users log into your mac (I assume they use their login info?) Are we talking about AFP shares or SMB?
  5. tobefirst macrumors 68040


    Jan 24, 2005
    St. Louis, MO
    If you're still running Tiger, SharePoints worked well for me in the past. It doesn't appear they have a Leopard version, though.
  6. Taustin Powers thread starter macrumors regular

    Apr 5, 2005
    Running Leopard on all machines.

    The MacBook finds the Mac Pro automatically, and when I log in with the MacBook's admin user name & password, I get full access to the Mac Pro's hard drive, even though no account with that name has been set up on the Mac Pro.

    This from OSX help:

    "Users you have set up with accounts in Accounts preferences can access your computer by connecting to it over the network. A user with an administrator account can access your entire computer."

    This is what's happening. An admin can access my entire computer as soon as I enable file sharing, no matter what.

    Is there a way to work around this?
  7. myjay610 macrumors regular

    Jan 6, 2008
    I just tried logging in to my iMac using the admin account that I have on my PowerBook and no such luck. Everytime I do it the account needs to exist on the computer you are connecting too...

    I believe the quote you cited is refering to admin accounts on the local machine. Are you just running regular OS X on the pro?
  8. Taustin Powers thread starter macrumors regular

    Apr 5, 2005
    Yep, just regular OSX.

    And there is no account of any sort with the MacBook's admin user name on the Mac Pro. But on the MacBook, when I say "Connect As...", and I put in the MacBook's admin user name, I get full access.
  9. Pigumon macrumors 6502


    Aug 4, 2004
    Do you have accounts for every other computer set up on your mac pro?

    If you have the Mac Pro with just one admin account, and no others, and a different password than all the others, you should be able to restrict access to just the folder you want.

    But if you have multiple accounts set up on the Mac Pro that match the other computer's accounts, then they can just sign on with their account name and password.
  10. Wee Beastie macrumors regular

    Aug 20, 2007
    In the snow with Rosebud
    Hi there. I am having the same issue as the OP. I'm just curious about this issue because (naturally) I'd like to control access to my files as much as possible. I just got a MacBook this week and networked it with my iMac. I was sharing files via the drop box and screen sharing via iChat without too much trouble. When I booted up my macs this evening, I found that I had unlimited access to the entire HDD of both computers via the network. This is actually desirable in my case, but I have a roommate with a powerbook and Leopard. We networked our computers and can only share via the public folder. Why the difference i wonder?

    When I set up the connection between my MacBook and my iMac I used my admin password. Is this the issue? Let's use "joust" as an example. I log in to both computers using the same username and "joust" as the password. I also used "joust" as the password that must be entered to connect over the network. Is this what is allowing full administrator access via the network.

    Had I used the password "coleman" instead of "joust" when creating the Sharing Only account, would my other computer have limited access to shared folders only? At this point, I only have Drop Box listed as a shared folder. It isn't affecting a thing.

    Sorry to revive a month old thread with a newbie question, but I'd like to learn more. If you have any thoughts, I'd really appreciate it

  11. tdhurst macrumors 601


    Dec 27, 2003
    Phoenix, AZ

    Turn on file sharing and store the folder you want in your public folder. Have them login as guest.
  12. BullBoyKennels macrumors member

    Jan 4, 2008
    Mayaguez, PR
    Here is a video I did on how to share only select folders or drives with a home network so that the users can only access a certain folder rather then the admins have full access to the entire hard drive it self. Hope that helps ya out.
  13. Wee Beastie macrumors regular

    Aug 20, 2007
    In the snow with Rosebud
    Thank you, that does help. I was getting mixed up because sometimes I would connect to my other computer using my admin username and password instead of the username (short name) and password that I used to create the sharing only account. Don't want people accessing my hard drive and finding anything...unsavory. Thanks again!
  14. CallsignBaron macrumors member

    Apr 17, 2007
    NC USA
    Exactly what I was thinking. Great minds... :cool:

Share This Page