Since you haven't used ls -le
as recommended, we don't know what the access control list looks like, but there might be something going on there that is preventing you from being able to write the files. The fact that a newly created user CAN edit the files makes me even more suspicious.
This command will remove ALL access control list entries from the folder and all its subfolders and files:
sudo chmod -RN path/to/folder/containing/files
Once you've cleared the access control list, try resetting the ownership like so:
sudo chown -R ulrikdamn:staff path/to/folder/containing/files
Now grant permissions like so:
sudo chmod -R u+rwX,g+rX,o+rX path/to/folder/containing/files
This gives you full read/write permissions. The "staff" group and all other users get full read permissions. Using an uppercase X, sets the execute bit for all directories within the tree, but leaves the execute bit for regular files as is.
Lowercase x would set the execute bit for all folders AND files. The execute bit must be set for a directory in order to read its contents. If you'd like to give write permissions to the group or others, switch out for g+rwX
or o+rwX
as necessary in the last command.
Here I'm passing in a folder path. If you want to pass in a single file, just remove the -R
from each command. The R makes the command recursive, applying it to an entire directory tree. Without it, the command will modify the permissions for a single file or folder passed in.
I understand your frustration, but I suggest you just hide the offending folders from Finder, you can easily do that with the following terminal command:
chflags hidden ~/Documents/HideMe
Preventing those folders to be created is likely going to cause problems running those applications.
Best Answer
No: the permission is for unlimited access to that folder.
There's nothing to stop an app secretly uploading all your files to some server, except that people would notice and denounce the company, and there's no commercial benefit in doing it anyway.
The Documents folder is another location that has privileged access, but the trouble is that every app that can open and save files is likely to need access to it. If you create another user folder outside Documents, then it will be open to all user processes.
You can install something like Little Snitch, which will regularly worry you with information about all outgoing internet connections, and let you allow/deny them.