The
Joes’ read-only folder
This
is the folder I want to share for download only, to
the two Joes but no one else. This is where we make
use of the group called my-users (which contains the
two Joes). Notice the read-only icon: Glasses with
no pencil. :) |
 |
|
| Here’s where the groups
come in. Note: I’m not certain, but I believe it is possible
to have groups within groups. However, it’s best to try
to avoid potential confusion as much as you can. I like very
shallow hierarchies for that reason. |
|
Drop
Box
Here’s
the drop box folder. Notice that the option even
says “(Drop Box).” Pencil only,
no glasses, for my-users and for Everyone. |
 |
|
| This
is a little redundant -- “Everyone” includes
my-users -- but I tend to be explicit about it anyway, just
so I have a reminder when I look at this folder later. |
|
The
MP3’s folder
And
here’s the MP3s folder, readable to all.
|
 |
|
| |
|
Check
for Leaks
Test
your configuration from another Mac, since your Mac cannot
connect to itself. Log on as Owner, as each Joe, and as Guest,
and make sure those accounts have the access they should;
no more, no less. Remember that you as Owner will be able
to do anything you want to the contents of all of these folders.
|
Test your configuration from
another Mac, since your Mac cannot connect to itself. Try to
hack your Mac -- you can bet someone else will.
Guests should be able to see and download the contents of the “Legal
MP3s” folder,
and they should be able to upload things to the “Drop Box” folder
but they should NOT be able to see the contents of that folder or any of the
others.
The two Joes should have full access to their respective folders, but should
only be able to open and download from (not write to) the “my shared stuff” folder.
You as Owner will be able to do anything you want to the contents of all of these
folders. |
|
File
Sharing Wrap-up
Not
a heavy-duty server.
•
Limits on number of users
•
Limits
on number of simultaneous connections
If you need more power,
buy AppleShare IP, Apple’s commercial server product.
Use Activity Monitor to what’s shared and who’s
connected right now. |
| Don’t
expect FS to be a heavy-duty server. There are built-in limits
regarding how many users you can have and how many simultaneous
connections are possible. (If you need more power, buy AppleShare
IP, Apple’s commercial server product. It can do all
sorts of nifty things, like allow Windows users to connect
to Mac shares.) |
|
More
File Sharing Wrap-up
Beware
of nesting folders with different privileges
•
Can’t
go very deep with the nesting
•
Confusion leads to mistakes
If you use Program Linking, then it’s all or nothing
with respect to privileges
If you delete a user, his folders’ permissions
will be transferred to Owner. |
Beware
of nesting folders with different privileges -- it can be
done, but there’s a shallow depth limit. It can also
be incredibly confusing and can lead to security errors.
It’s a good habit to just keep it simple and use a
flat hierarchy for your shared stuff, even if there’s
some redundancy.
If you use Program Linking, then it’s all or nothing
with respect to privileges (the app is either remotely linkable
by all users, or by none). You can limit
who’s allowed to run programs remotely by putting (a copy of) the app into
the appropriate users’ folder(s). This does not work with aliases.
If you delete a user, his folders’ permissions will be transferred to Owner. |
|
<<Back | Index | Next >>
|