Make folder private so other users can't access
I've just noticed that the contents of some new folders that I created under my users/[myname] folder, are visible to other users. The original ones all have the 'no entry' sign.
How do I make these new folders private, i.e. to the [myname] user only?
Solution 1:
There are a few different ways. Depending on your level of comfort with debugging permission errors, here they are ranked in terms of increasing risk. I'm not going to suggest you backup because you do that already, right?
-
Whenever you create a new folder, secondary-click on it and "Get Info", then remove read/execute permissions for other users and groups. That should give them the "denied" icon.
-
Make the above modification for your home directory, unless you have folders that you do want to give access to other users to.
-
Set a
umask
as described in Apple's KB HT2202 for user applications:
Create the file
/etc/launchd-user.conf
with the contents "umask nnn". Do not include the quotation marks and replace nnn with the desired umask value, such as 077.This will set the user's umask for all applications they launch, such as Finder, TextEdit, or Final Cut Pro, and control the permissions set on new files created by any of these applications.
Note that this will affect all files and folders you create from that point on and may be difficult to debug. As per @Kent's comment below, this will affect all users of the computer, not just your own. You may also need to logout or reboot the computer.
In all of these cases, you may see errors from some applications unable to access some files/folders. It can be argued that these are poorly-designed applications, but if you need to use them you may have to relax the permissions. 1 may be the safest and easiest to revert when/as needed.
Solution 2:
Open Terminal and type chmod go-rx ~/LocalSync
.
Solution 3:
If you make a new folder in one of the restricted folders, it inherits those permissions and then you can move it up one level in the filesystem hierarchy.
Even easier is to just store the files you create in one of the protected locations that the OS has set up.
This is more about how you are creating the folders than learning how to change things once they are incorrect.