0
A machine running W7 has two user accounts:
Account 1
Type: Administrator
Directories at C:/ are called 'path_a', 'path_b' and 'path_c'
Account 2
Type: non-Administrator
Directory at C:/ is called 'path_a'
A separate instance of Seafile running on each user account does an automatic back-up on all of the paths. Each user account has a separate Seafile account associated with it.
the two accounts should share only one folder, path_a
Question
Is it possible to make path_b
and path_c
invisible to Account 2? The user does not need to know that the folders exist.
What we've tried
We've successfully adjusted permissions, however, we would like to avoid the user of Account 2 seeing the message "You don't currently have permission to access this folder"
.
We've also come across a suggestion to hide directory. We're wondering, however, if there is a cleaner way.
2There is no way to avoid the message, you want to avoid, If a user happens to know the path to the folder. – Ramhound – 2017-06-12T15:32:14.757
Okay, so you can confirm that if an administrator creates a folder at
C:/
then it is visible (but not necessarily accessible) to all other accounts? Can we also confirm that there is a location, for instanceC:\Users
where the administrators data will not be visible to other users? – John Chris – 2017-06-12T18:20:00.960"Okay, so you can confirm that if an administrator creates a folder at C:/ then it is visible (but not necessarily accessible) to all other accounts?" - If an Administrator creates a folder on the root system directory, unless the Administrator removes the User user group from the folder's ACL, all users would have access to it. A user would be able to view the contents of the folder, access all files within the folder, modify the files within the folder, without priviliage escalation. – Ramhound – 2017-06-12T18:25:29.773
Thanks very much, are you able to address the second question/confirmation? Curious to hear your thoughts. – John Chris – 2017-06-13T19:55:19.670
I answered both of your questions. A user, in the User user group, by default will be able to view the contents of any directory they have access to. You have to implicitly revoke the permission, to view the contents of a folder to a user, if you don't want that user to view the contents of a folder. In either case, the error will still be displayed, hence my original comment – Ramhound – 2017-06-13T20:59:28.743