In Mac OS X and Mac OS X Server, the default behavior is that any user can look into another user's Home directory. As shown in Figure 1, the Home folders are not locked.
Figure 1 Accessible Home folders
However, the only folders that any non-owner user can look inside are the Public and Sites folders. This feature allows users to immediately begin sharing without any additional setup, while still protecting information in other folders (such as Documents). In the earlier AppleShare behavior to which you may be accustomed, the default was that users did not have any privileges to another's directory. As shown in Figure 2, the folders would appear locked, with the belt-badged icon.
Figure 2 Access denied to Home folders
In some environments, the earlier behavior may be desired. Follow these steps to change the privileges of the Users directory:
All Home directories should now resemble those in Figure 2, and only the owners have complete access.
Figure 1 Accessible Home folders
However, the only folders that any non-owner user can look inside are the Public and Sites folders. This feature allows users to immediately begin sharing without any additional setup, while still protecting information in other folders (such as Documents). In the earlier AppleShare behavior to which you may be accustomed, the default was that users did not have any privileges to another's directory. As shown in Figure 2, the folders would appear locked, with the belt-badged icon.
Figure 2 Access denied to Home folders
In some environments, the earlier behavior may be desired. Follow these steps to change the privileges of the Users directory:
- 1. At the server where the Users directory is stored, open Terminal (/Applications/Utilities/).
2. Type: su
3. Press Return.
4. Type the Admin user password.
5. Press Return.
6. Type: cd /
7. Press Return.
8. Type: chmod -R 700 /Users
9. Press Return.
10. Type: chmod 755 /Users
11. Press Return.
12. Type: cd /Users
13. Press Return.
14. Type: chmod 666 .DS_Store
15. Press: Return.
16. Type: chmod 333 Shared
17. Press: Return.
All Home directories should now resemble those in Figure 2, and only the owners have complete access.