Multiple User Permissions?

B

brendaf

Registered
I'm a new windows convert and stuck on sharing files.

There are many files that my husband and I share and both need to be able to make changes to (financial, pics, movies, etc.)
We are both administrators, but I've noticed even putting something in the shared or public folder, we only have access to read each others (and sometimes not even that) files not make changes to them.

Other than going to each file after it's created and manually changing the permissions to administrator, what are our options?

Mac help desk thought that just saving to the public folder would do it, but I still have to manually change permissions.

Can I do something to enable that everything that is saved in a specific folder is editable for all administrator accounts?


Thanks,
Brenda
 
There was a long thread (or several) on the Apple boards some time ago, and sadly the answer is no, unless something has changed in 10.2.

Unix provides the ability to allow files to be group-writable, as well as readable, but Apple in its wisdom (?) has not allowed this through to the GUI.

So all you can do, as you say, is change the permissions on each file after you create it. Stinks, doesn't it? :-(
 
Oh man that is rough!
That seems like it would be such a basic thing.

I read the Quicken 2003 thread, so I know that my issues with this are just beginning!

Sure hope they make a change to that soon. It takes a little out of their "ease of use for the family" ad campaign.

Thanks for the answer though
 
A little bit easier than changing each file individually would be to use the "Apply to Enclosed Item" option on the Shared folder whenever you're having problems. It seems like someone should be able to make a pretty simple app that just sits in the dock and copies things to the Shared folder with world-writable permissions when you dragged a file to it... But maybe Apple will come up with a better, integrated solution someday soon.
 
What is /Users/Shared for? I was assuming it was for doing things like this....

You could create a new folder in the Shared Directory that was rwxrwxr-x and then CREATE all of your new files [that you want to be shared] in that folder. If I'm not mistaken when a new file is made it inherits the properties of its folder.
 
To change your permissions there is a programm called Batchmod. It changes al permissions etc. etc. for entire folders Maybe this is a solution for now.
 
My wife and I just decided to use the same user account (ID and Password).

The problem is not so much with Apple, IMO, as with the fact that the UNIX security model is appropriate for business, but not for families.

For example, while it is legitimate for my boss to be able to see all of my files, it is NOT legitimate for him to be able to change them. Further, where I work, you can be fired for telling anyone, including your boss, what your password is. Again, a legitimate rule, IMO. If the boss needs to edit your files or create new ones, this should be as a result of an explicit, documented request to do so. Any other approach invites all kinds of misbehavior by both employee and boss.

As for families (at least husband/wife sort of relationships) this is not really appropriate. But under the "one flesh" theory, you could just pretend to be the same person, which is what we do.


-Bob.
 
I accidentally registered as a "Junior Member", and can't seem to get the administrator to change this.

At 57, am I the oldest "Junior Member". I would guess I am the oldest to be widowed and re-married, anyway.

-Bob.
 
Brendaf:

You mentioned that you and your husband are running as administrators. This is not generally a good idea.

It is easy when logged onto an administrative account to accidentally make changes that could be tough to undo. Also, I believe that any trojans or problem software would be able to do a lot more damage if it executed under an administrative account.

Whatever the resolution of your problem, I suggest that you avoid doing this as a normal thing.

Also, I meant to say that I am probably the ONLY Junior Member who has been widowed and re-married. But it was a dumb comment anyway.

-Bob.
 
I log in using an administrator account (not "administrator") daily. You really don't have too much to worry about in mucking up the system. If you login as root, That's a different story.


As far as the "junior member" tag... that implies that you have just registered. Being 22 I seriously doubt that I'd be a "senior" member :D
 
I had thought (like "Fahrvergnuugen") that all the files that are saved into the shared or public folder would inherit the properties that I set to that folder and selected "apply to all subfolders" but nope. It sure seems like that's how it should work.

If I don't want it public, I just save it in "my documents" rather than public or shared. Oh well.

We don't want to use the same account because we have different mail accounts, different desktops, etc. (Kinda like sharing closet space...life is just a little easier if you have your own ;)

I think jeb1138's right. Someone should be able to write something simple that would do that. It just seems like such a basic easy thing to have available.

<i>"To change your permissions there is a programm called Batchmod. It changes al permissions etc. etc. for entire folders Maybe this is a solution for now"</i>

I may try that. But, does it change the permissions to anything new that's saved into that folder? That's the key

Thanks,
Brenda
 
I know you don't want to use the terminal, but someone could probably write something to do this...

chmod -R folder/

will recursively change the folder permissions.

I would suggest just making a folder inside your shared folder that has very open permissions set on it, then when you create a new file in that folder, your other users could open it. You could then put an alias to this folder inside your documents folder so its easier to navigate.

Also, there is almost no danger in running your system as an administrator...[it certainly is less annoying]. Just don't log in as root all the time [in the GUI]...that could be dangerous.
 
SEE SOLUTION BELOW

Apple really blew it on this whole permission thing. Big time. It used to be so easy in OS 9. Now I am printing how-to sheets from web sources, activating the terminal (are you kidding me, I'm a Mac user) and so forth.

The whole public folder thing seems like a decent compromise in theory, but for some reason for me it just doesn't cooperate. I have a small graphics shop with four machines (3 Macs, 1 PC). I want each and every one of them to see my main documents folder and do whatever we want whenever we want with the files. We're all adults here and know how to use computers. If we destroy a file, it's our own damn fault. Plus, we backup twice a day to tape, so we're pretty safe.

Anyway, we tried the Public folder approach, but for some reason, we could never get the settings wide open to allow full read/write/etc from everyone. Very annoying. We have used BatchMod extensively, but frankly, it is idiotic that I have to launch a separate app every time a new file is made by someone other than me on our file server.

Our latest "solution" was to reformat our server hard drive with two partitions. One for system stuff and the other for documents. The documents drive is then set to ignore permissions (Get Info, click checkbox). You can't see that option on system drives, only non-system drives/partitions.

It was a pain in the ass, but it more less works. Occasionally, inexplicably, a file will sneak in that can't be deleted or whatever from another user. It's not a big deal, but is so freaking annoying. I JUST TOLD THE ENTIRE DRIVE TO IGNORE PERMISSIONS, WHAT IS SO HARD TO UNDERSTAND ABOUT THAT!!!!! YOU USED TO BE A MAC, WHAT IS WRONG WITH YOU!!!!

What I really want is a one big button in Prefs that says "Anyone sitting at this computer or connecting to to it on a network can move, open, erase any file on it. Period. Click here."

I don't have a boss, nor am I worried about strangers screwing up my files somehow. It's not going to happen. What I do want, is everyone in my workgroup to be able to easily share each other's files even if it opens the microscopic risk of deleting things that shouldn't have been.
 
<b>Brendaf wrote</b>:
<i>"I had thought (like "Fahrvergnuugen") that all the files that are saved into the shared or public folder would inherit the properties that I set to that folder and selected "apply to all subfolders" but nope. It sure seems like that's how it should work.</i>

I think it works the way it is supposed to work (at least for UNIX). A file has the normal privileges of the user or process that created it, not necessarily those of the folder(s) it is in.

Another possibility, and the one you seem to be suggesting, is that the permissions of a file would be the most permissive permissions on any one of the enclosing directories. You certainly wouldn't want that, as it would mean that to make something read only you would have to start at the root level of the disk and drill down the entire list of folders, changing permissions as you went, in order to keep something so that it could be changed only by the userwho created it.

<b>Fahrvergnuugen</b>:
I think the idea of writing a little utility is a great idea. Maybe this could be done with AppleScript. But I think you would have to run it each time you accessed a file created since the previous run.

<b>Mindbend wrote</b>:
<i>"What I really want is a one big button in Prefs that says "Anyone sitting at this computer or connecting to to it on a network can move, open, erase any file on it. Period. Click here." "</i>

I can understand why you want that, and your workaround seems legitimate. Nevertheless, the problem is that UNIX permissions were never meant to work that way. That's why they don't.

<b>Alternate Workaround</b>:
I haven't tried this yet, but what about just using DiskCopy to create a big "public.dmg" folder? You would double-click it to mount it, and I think, once mounted, you could treat it like a regular disk, and ignore permissions if you want.

<b>Routine Running as an Administrator</b>:
Also, I really don't agree about it being safe to run as an administrator for routine tasks. "Bad Guys" can do bad things with trojan software, even on web pages. If you are running as an administrator, you (and any trojans or misbehaved code) can delete or change just about any user file, including deleting whole accounts. When running as a user, you can only mess up your own account.

That seems significant to me.

-Bob.
 
Additionally, the other thing you can do when logged on as an administrator is add and remove software. You wouldn't want a trojan doing that.

Logged on as a user you (and trojans) can't do this either.

-Bob.
 
sometimes you have to fight fire with fire.

Use cron to change the permissions of the folder
and it's contents every 15 minutes. In the term, type...

sudo vi /etc/crontab

type in your admin passwd...
type in this line at the bottom of the cron file...

15 * * * * root chmod -R 777 /Users/Shared

Then, to save(write) and quit, type...

:wq

Restart. That's it!
(although you may have to write
/bin/chmod... instead of just chmod...)

There's also an Application call CronniX that will let you
do all of this cron business with a nice interface and
without the Terminal. All you need is the line...

15 * * * * root chmod -R 777 /Users/Shared
 
Well last night we tried logging in as root and going to the terminal and chmod 777 (whatever) for both of us as users. (I figured we could go back and add more security later if we could just get it working)

Even after that, when I write a test document and sign in as the other user, the other user only has read access not r/w access.

oh wait...I just read the rest of your post.
I guess we didn't do the second half about the 15 minutes part.

We'll try that next. I bet that will work!

Thanks!
 
You must log in or register to reply here.
Back
Top