 |
 |
Glaring Privacy Hole in Home Folder (Everyone can see user created folders)
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Feb 2012
Status:
Offline
|
|
In OS X, any folders that you create in the Home Folder can be viewed by other users of the Computer!
Isn't this a glaring privacy hole? It does not warn while creating, its not well publicised and I think its entirely reasonable for a user to expect that their entire Home Folder is sandboxed from other users and not just the system default folders.
Example: If you goto you Home folder and create a new folder "Projects" or "Assignments", its contents can be viewed and modified by other users!
Whats the rationale for this?
Thanks
|
|
|
| |
|
|
|
|
|
|
|
Moderator  Join Date: Apr 2000
Location: Gothenburg, Sweden
Status:
Offline
|
|
Not exactly. By default, files in your folder can be viewed, but not modified. Other users have read only privileges. The rationale is that this is the way it always was on UNIX, before such newfangled things as Macs (much less Windows) came on to the scene. For comparison, I think the Home versions of Windows have the same default setup - although I'll admit to never using the Home version of anything newer than XP.
As you've probably already noticed, it's easy enough to change.
|
|
The low-end Mac Pro is the most overpriced Mac since the IIvx
|
| |
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Feb 2012
Status:
Offline
|
|
You're right, they viewable but not modifiable.
But that's not much better from user point of view hehe. Windows handles it the expected way (I checked just now) i.e The entire home folder is off limits w/o an admin password.
I did indeed change the permissions but I think that workaround is less than optimal. When creating tonnes of temporary folders (eg: by project name or by assignment name), I'm sure one of these times I'll forget.
Is there like a terminal command that'll change the default setting? I vaguely remember seeing something couple of years but ignored it coz I wasn't an OS X user and now can't seem to Google it
Thanks
|
|
|
| |
|
|
|
|
|
|
|
Moderator Join Date: Apr 2000
Location: Gothenburg, Sweden
Status:
Offline
|
|
Easiest is just to change the permissions on your home folder itself to remove read privileges. Privileges are hierarchical, so you need read permissions (or technically, execute permissions, but from the Finder interface they are the same thing) on all folders above to be able to read something. Just change your home folder, and that's it.
To answer your question: Yes, you can change the default for new folders created by changing the umask. Follow the instructions from Apple to set the umask to 077. As you can see from the procedure, this is an advance procedure - I would advice that you simply change the permissions of your home folder.
|
|
The low-end Mac Pro is the most overpriced Mac since the IIvx
|
| |
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Feb 2012
Status:
Offline
|
|
But that would break Shared Folders and Public (and Dropbox) I think. It seems to be a slightly broken design 
Am just gonna avoid creating my own directories from now on. Will create a dedicated "Others" directory, fix its permissions and then create everything as a sub directory under "Others"
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Feb 2000
Location: Nashua NH, USA
Status:
Offline
|
|
Just put you folders one level deeper. Or don't name the folder anything obvious.
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
