Leopard file sharing warning
There are times when I need to access files from home. With Leopard’s new Back to my Mac, I’m finally able to do screen sharing and file sharing. However, there are security concerns I have with it.
By default, the first sharable folder is your public folder. Apple then adds three entries into the list of users that have access to it: you, with read and write access, and “Unknown” and “Everyone” with read-only access. You can remove “Unknown” and change the access for “Everyone” to “No Access”. That’s fine.
However, there’s an entire drive I wanted to share that only I had access to. So I added the drive, deleted “Unknown”, but when it came to removing access for “Everyone”, this is what I got:
That’s right. I can’t set it to “No Access”! I tried it using Guest access under Apple File Protocol and sure enough, I had full read-only access to my private data.This is completely unacceptable. Sure, I can get around it with file permissions, but that’s not the point. Apple put this in place with drop-down menus so that I have full, easy control over who sees what. Disallowing “No Access” to a shared folder is wrong, and Apple needs to fix this ASAP.
The solution? You need to do a “Get Info” on the drive. Then you get this dialog:
You click the lock to unlock the dialog, change the preferences there, close the Get Info dialog and then you’ll get this in the Sharing dialog:
Now everything is good.
I’m still worried that most user’s will either not notice this, or not know how to fix the problem. Worse, Apple gives a false sense of the ability to change this setting in the Sharing dialog by offering a drop-down menu for options the user can’t set from there.
If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Comments
No comments yet.
Leave a comment