File sharing (or rather files to not be shared)?

arciere

I think that lockable drives with a key are much more visible than folders permissions.

OP doesn't like other users to know that he's hiding something, a lock on the drive is probably self-explanatory.

esuhl

esuhl wrote: »

A long time ago, I saw a product that did something similar, but with a single key to select the active drive.

^^ It was the Romtec Trios, I think -- only for old IDE drives:
https://www.amazon.co.uk/Romtec-Rx-910t6-Manual-Selector-Switch/dp/B00006BAM1

Here's a similar device for modern SATA devices:
https://jivebay.com/sata-switches-hdd-hard-disk-drive-selectors-part-6/

As it only uses one key, you could buy one for each user, and connect it to that user's data drive.

They do seem rather expensive though... :-/

esuhl

arciere wrote: »

OP doesn't like other users to know that he's hiding something, a lock on the drive is probably self-explanatory.

Hmmm... The Veracrypt solution is probably best, then.

Or install a real operating system like GNU/Linux, where you have proper control of user permissions.

JustAnotherSaver

The key idea is an interesting one.

To be honest it wont be something i'll implement but to me it's interesting as to what possibilities are available out there. I wasn't even aware that could be a thing. Same with the push button link you showed. It's amazing how you can fix so many of your problems if you're just simply aware of what's available out there.

esuhl wrote: »

Hmmm... The Veracrypt solution is probably best, then.

Or install a real operating system like GNU/Linux, where you have proper control of user permissions.

Care to elaborate? Genuine question.


To be honest i've only ever worked Windows. I've dabbled in Linux but i've only ever really given it 5mins. Enough to say, ugghhh this isn't Windows, it doesn't work like Windows (of course!) i'm going back to Windows :rotfl:So i don't know what the difference would be between Windows and Linux permissions.



Though my thought process was the idea of 1 Windows install (instead of the same one twice as i currently have) and also a Linux install, to give it a fair go, since a large part of why i didn't give it more chance was the painfully slow running in a Virtual Machine. Again though, your view and my view of 'painfully slow' could be two different things. What i call painfully slow you could say is the best i could expect on my machine.

that

there is another way.

You create 3 folders on c: and remove all rights for all except for JustAnotherSaver and the user. Then you share each folder with a hidden name. Then in file explorer map each person so to see the say J: drive which points to the persons unique hidden folder. Also you could also make the three people see the same folder too.

As I mentioned before, all these strange settings and password etc are most likely stored in a profile that is unique to the user. When this becomes corrupt (and it does happen) you strictly speaking loose no data, but your shares, links and passwords, favourites, files you store stuff on the desktop, documents, or downloads etc will not be easily accessible and look like they have vanished. It does not happen as much as it one did, but corrupt profiles still do happen, just google 'corrupt windows 10 profile'.

Attempting to fix a profile many or may not work. You can often restore the files (from backups, sometimes from existing folder?). Sometimes you can restore a whole profile, other times it does not work. Again, strictly speaking you lose no data, but it can be a real swine to recover. The best and quickest solution is to create a new profile, but all the stuff is missing. Our policy is not to save stuff on the desktop, and the documents folder is redirected to the servers

JustAnotherSaver wrote: »

That's an interesting one.
In what sense do you mean corrupt? As in knackered beyond repair, all data lost kind of corrupt, or a bit of tweaking will get it back on its feet kind of corrupt?
I only ask this question as for many years the setup worked perfectly fine. Then for some unknown reason (no nobody accessed the computer and reassigned a drive letter, they just didn't) the drive appeared where it usually wouldn't be (in My Computer). It had been hidden for years but suddenly it appeared. I couldn't understand why. I had been the only person on the PC for some time actually.

Yes to all as a group, and to each individually, but also may not be. The profile get loaded into registry which starts life as large file, then bloats as things get installed and modified. Drive letters are found in registry, a z: drive mounted in another pc may no longer be z: unless it is the last position left. USB drives though tend to keep their letters across multiple PCs. I would say that the profile does not change physical drive lettering, but mapped drives is a profile issue.

Encryption does slow things down, and people do forget passwords. Sometimes the encrypted file, or the whole disk encryption itself becomes corrupt. Saying all that, should some scrote steal the laptop or pc, encryption could be a life, and business saver

esuhl has done some amazing stuff with Linux, but for you JustAnotherSaver, for you I would not recommend it, and more so if your business depends on it. Different approach, commands, much smaller pool of techies, and your current apps may not have a Linux version.

esuhl

esuhl wrote: »

Or install a real operating system like GNU/Linux, where you have proper control of user permissions.

JustAnotherSaver wrote: »

Care to elaborate? Genuine question.

It was tongue-in-cheek, really. If the idea of scripts scares you, I doubt you'd want to dive in to Linux! But, since you ask...

Windows was originally a shell for MS-DOS. It was designed to run on PCs maintained by the users themselves, and had no user-level security or support for multi-tasking. It was rare for such PCs to be connected to a network.

In order to maintain backwards-compatibility, later Windows versions had security features hacked in to the OS with registry and file virtualisation and shims. Yet users still typically assign themselves "Administrator" privileges because Windows security model is "broken". This makes it hard to control user-security yourself (without complicated server-based tools like Active Directory), and makes it easier for malware to gain Admin rights and infect your system.

GNU/Linux is based on Unix, an OS released in 1971. Unix was designed to run on mainframe computers, with many users multitasking simultaneously, and a dedicated team of computer scientists maintaining it. User-level security, multitasking and networking were rigorously "baked-in" from the very beginning. Unix was designed to meet the needs of system administrators, rather than end-users.

----

In Unix/Linux, each file is assigned to a user (aka owner) and a user group. You can set the permissions independently for the owner/user (u), the group (g) or others (o).

There are three possible permission flags you can assign: read (r), write (w) and execute (x). (The execute flag on directories determines whether users can browse the contents of the directory or not.)

No user is assigned "root" (c.f. "Administrator") permissions, as is typical in Windows.

More info here: http://linuxcommand.org/lc3_lts0090.php

JustAnotherSaver wrote: »

To be honest i've only ever worked Windows. I've dabbled in Linux but i've only ever really given it 5mins. Enough to say, ugghhh this isn't Windows, it doesn't work like Windows (of course!) i'm going back to Windows

Yeah -- they're different beasts, designed for different types of user. GNU/Linux is open-source, so there are hundreds of different distributions available. I tried about 10 different Linux distros before I found one that "made sense" to me (i.e. I didn't render unbootable within a week)! There are big differences in user-friendliness, complexity, documentation, support, etc. So it's worth comparing the features of the various distros to find one that meets your needs.

---

I love Arch Linux. You install it by cloning a really minimalist, text-only OS to your hard drive. It's a "blank canvas". There are no user-friendly GUIs to guide you through. Instead you follow the steps in the online wiki -- type some commands, and edit some text files. The installation is quite hands-on, but it acts as a sort-of tutorial. Blindly following the instructions shows you how the OS works, and where the settings are to change stuff. Once it's set up, there's very little maintenance to do. It "just works".

Arch is simple, fast and powerful because it doesn't have "unnecessary" and complicated layers of user-friendliness hiding the user/administrator from the basic "inner-workings". Instead of having several different GUI apps all fighting for control of the same settings, all trying to overwrite each other's changes to the config file... in Arch, you just change the config file yourself.


https://wiki.archlinux.org/


There are more "user-friendly" or Windows-like distros, such as Ubuntu or Mint, where the installation process is much quicker and more automated. Instead of starting with a "blank canvas", almost everything is pre-installed and pre-configured -- including dozens of random applications. This is great if you want to get up-and-running quickly, but it takes a lot more knowledge and effort to tweak the OS to do exactly what you want.

If the most important thing about your OS is that it is Windows-like and "user-friendly", and you're not especially interested in Linux, it'd be much easier to stick with Windows. "User-friendly" is what Windows does best.

Hope that helps...

AndyPix

Apologies if this has already been answered but I cant be bothered reading all the arguing .
The way to achieve what you want to achieve within the windows environment (without all the multiple disk silliness) is this :-


Each user has their own user account.
You make sure your own username is in the administrators group


You create one folder on C drive and call it DATA


You create a folder inside the data folder for each of your users (user1, user2, user3)


Now, you right click on the data folder, go to properties, then the security tab
choose "edit" and then from the list that is presented, add your own username, leave system and administrators there and remove any other entries.


Next, you go inside the DATA folder, and RIGHT click on the user1 folder , go to the security tab, click edit, now click ADD, and add the username of the person you want to be able to access this. Then put a tick in the full control box. Making sure that the only other entries in the list are administrators and system.
Rinse and repeat for the other folders respectively.


Now, on each of the other users accounts, just map a drive directly to their own folder.


That's it .. Each user will be able to "see" a folder called "DATA" (if they browse the C drive) but that's as far as they can go, they cant see the contents of the other users folders, or even that they exist.


This is the way its done in the corporate environment - so if its good enough for banks etc, surely its good enough for your home setup ?


If someone has physical access to your computer though, and the know how then its game over anyway - but this is the textbook way to set up multi user accounts with a home drive.


Good luck


Edit to add : Im not sure if you're familiar with mapping drives, but it just means you assign a drive letter to a folder location. So the user just thinks/sees it as another drive. They wont know that its a folder somewhere .. Shout if you need instructions - its very easy

mksysb

Earlier in the thread OP says all users must have admin rights, so that solution has already been discarded.

AndyPix

Oh , right - what a weird situation.


In that case the "official" solution would be to use NAS




I suppose if the users weren't to be "too" tech savvy, then using the above solution coupled with actually hiding the DATA folder (using properties), and then burying it deep in windows, system32 , about 10 folders deep somewhere would suffice.



They would never find it, or even think to look

JustAnotherSaver

AndyPix wrote: »

Apologies if this has already been answered but I cant be bothered reading all the arguing .
The way to achieve what you want to achieve within the windows environment (without all the multiple disk silliness) is this :-


Each user has their own user account.
You make sure your own username is in the administrators group


You create one folder on C drive and call it DATA


You create a folder inside the data folder for each of your users (user1, user2, user3)


Now, you right click on the data folder, go to properties, then the security tab
choose "edit" and then from the list that is presented, add your own username, leave system and administrators there and remove any other entries.


Next, you go inside the DATA folder, and RIGHT click on the user1 folder , go to the security tab, click edit, now click ADD, and add the username of the person you want to be able to access this. Then put a tick in the full control box. Making sure that the only other entries in the list are administrators and system.
Rinse and repeat for the other folders respectively.


Now, on each of the other users accounts, just map a drive directly to their own folder.


That's it .. Each user will be able to "see" a folder called "DATA" (if they browse the C drive) but that's as far as they can go, they cant see the contents of the other users folders, or even that they exist.


This is the way its done in the corporate environment - so if its good enough for banks etc, surely its good enough for your home setup ?


If someone has physical access to your computer though, and the know how then its game over anyway - but this is the textbook way to set up multi user accounts with a home drive.


Good luck


Edit to add : Im not sure if you're familiar with mapping drives, but it just means you assign a drive letter to a folder location. So the user just thinks/sees it as another drive. They wont know that its a folder somewhere .. Shout if you need instructions - its very easy

The bit in bold - thanks for that. You actually read what i've been saying and you actually paid attention to it by putting in there one key word ........ "IF".


Your second post confuses me though. Does that mean the above wouldn't apply then (since mksysb is correct)?