• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL

Chapter 4. Networking > Users, Groups, & Privileges

Users, Groups, & Privileges

Network file and application sharing access is determined by the users and groups set up for the computer, as well as the privileges settings for each file or its enclosing folder.

Users & Groups

Each person who connects to a computer (other than with Guest access) is considered a user. Each user has his own user name or ID and a password. User names are set up by the computer’s system administrator, using the Accounts preferences pane. The password is also assigned by the system administrator, but in most cases, it can be changed by the user in the My Account preferences pane. This enhances security.

Each user can belong to one or more groups. A group is one or more users who have the same privileges. Some groups are set up automatically by Mac OS X when you install it and add users with the Users preferences pane. Other groups can be set up by the system administrator using a program such as NetInfo Manager.


  • Setting up users is discussed in detail in Chapter 5. Setting up groups is an advanced network administration task that is beyond the scope of this book.

  • I discuss NetInfo Manager briefly near the end of this chapter.


Each file or folder can be assigned a set of privileges. Privileges determine who has access to a file and how it can be accessed.

There are four possible privileges settings:

  • Read & Write privileges allow the user to open and save files.

  • Read only privileges allow the user to open files, but not save files.

  • Write only (Drop Box) privileges allow the user to save files but not open them.

  • No Access means the user can neither open nor save files.

Privileges can be set for three categories of users:

  • Owner is the user or group who can access and set access privileges for the item. In Mac OS X, the owner can be you (if it’s your computer and you set it up), system, or admin.

  • Group is the group that has access to the item.

  • Others is everyone else on the network, including users logged in as Guest.


  • In previous versions of Mac OS, which were not designed as multiuser systems, you were the owner of most (if not all) items on your computer.

  • You can check or set an item’s privileges in the Ownership & Permissions area of the Info window for the item (Figures 30, 31, and 32).

To set an item’s owner, group, & privileges

Select the icon for the item for which you want to change privileges.

Choose File > Get Info (Figure 29), or press .

Figure 29. Choose Get Info from the File menu.

In the Info window that appears, click the triangle beside Ownership & Permissions to expand the window and display permissions information (Figures 30, 31, and 32).

Figure 30. Privileges settings for the Applications folder, ...

Figure 31. ...my Public folder, ...

Figure 32. ...and the Drop Box folder inside my Public folder.

To change the owner and group for an item, choose an option from the Owner (Figure 33) or Group (Figure 34) pop-up menu. You may be prompted to enter an administrative password before the change can be made.

Figure 33. The Owner pop-up menu on my computer includes me, ronh (who wrote the Unix chapter) and a bunch of users created by the system.

Figure 34. When I installed Mac OS X 10.2, it created all of these groups.

To change the privileges for an item, choose options from the Access and Others pop-up menus (Figure 35).

Figure 35. Use this pop-up menu to set privileges for each category of user.

If the item is a folder, to apply the settings to all folders within it, click the Apply to enclosed items button.

Close the Info window to save your changes.


  • You cannot change privileges for an item if you are not the owner (Figure 30).

  • The Write only (Drop Box) privilege is only available for folders and disks.

  • The privileges you assign to one category of users will affect which privileges can be assigned to another category of user. For example, if you make a folder Read only for Everyone, you can only make the same folder Read & Write or Read only for the Group and Owner.

  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint