Link

ericsuh.com/blog

Private Sharing on Mac OS X

I was recently bitten by Mac OS X’s complicated permissions model for sharing files, so I’m just writing this here for future reference; hopefully this is helpful for anyone else accidentally sharing a folder from an external hard drive to the entire world.

The Scenario

I wanted to set a folder on my external hard drive to share between computers, and I’d like it only to be visible and accessible via a login and password. That way, I can log on with my computer at home and have it be nicely integrated in with Mac OS X, but I don’t have to put it in Dropbox or share it publicly.

Simple, right? Just do “Get Info” on the folder, enable “Shared Folder”, check that only I have “Read & Write” access, and then make sure “File Sharing” is on in “Systems Preferences > Sharing”. All good to go.

The Problem

Strangely, this only works in Mac OS X on an internal, bootable hard drive. Folders shared from external hard drives are, by default, visible and accessible to everyone, regardless of the file permissions, because of a little checkbox on the external drive’s “Get Info” screen: “Ignore ownership on this volume”.

Picture of checkbox: Ignore ownership on this volume

Damn you little checkbox!

Not only does this ignore what all of your permissions settings on the individual files are, but it does this insiduously: the “Get Info” view on any folder or file, the “Sharing” view in System Preferences, or using ls -le shows absolutely nothing to indicate this. Instead, you have to use sudo ls -le to really see what’s going on.

What you’ll see is something like the following:

-rwx------    3 _unknown _unknown 103 Dec 19 2011 File1.txt
-rwx------    3 _unknown _unknown 103 Dec 19 2011 File2.txt
-rwx------    3 _unknown _unknown 103 Dec 19 2011 File3.txt
...

Even worse, the “Ignore ownership on this volume” not only ignores ownership, it resets ownership to the user/group _unknown (or UID/GID 99) for all files added to the drive while the setting is on. Files with that username and group behave as follows:

  • When using ls -le, _unknown shows up as the current user and group, so you won’t know that it’s set that way unless you know the sudo trick.

  • When the file/folder is shared, everyone can see and get access to files and folders owned by _unknown.

In other words, external hard drives are by default insecure on the network, and a cursory look with the standard UNIX tools or Mac OS X dialog boxes tells you none of this. Unchecking “ignore ownership on this volume” is necessary, but not sufficient, to prevent your files on the external hard drive from being publicly accessible.

The Fix

There are a few things to set if you want to securely share a folder to a user via remote login:

  • In “System Preferences > User & Groups > Guest User”, uncheck “Allow guests to connect to shared folders”.

  • In the “Get Info” window of the external hard drive of interest, uncheck “Ignore ownership on this volume”.

  • In the command line, for each file/folder you’re interested in sharing securely, run chmod -R 700, and then run chown -R [username]:[group]. Do this after the step above in which you reenable ownership on the volume. This should reset the ownership of the files/folders to you, but check and make sure with sudo ls -le.

    In addition, the files will still be visible (though not necessarily accessible for editing and whatnot) to others if there are Access Control List permissions allowed for com.apple.sharepoint.group.[n] users and groups. Those will show up if you type ls -le, and you can delete them using chmod -a# n, where n is the line number of the permission you want to delete. You can do this recursively, of course.

More work than it should be to share a folder privately between two of my own computers across a network using username/password. I’m also not really sure why external hard drives are publicly accessible by default.