I have some volumes with sensitive data mounted in my main, admin account.
I'd like to give some other users access to the same computer using a "standard" user account. Such a standard account seems to be effectively blocked from accessing any files which are inside the admin account's home folder, but all the mounted volumes are completely accessible.
How would I make such volumes inaccessible?
Best Answer
Basically just take the permissions applied to your own home folder and apply them to the mounted volume. For example try
sudo chown -R /Volumes/name-of-secure-volume yourusername:yourgroup
Then use
chmod -R 700
to change permissions so that only owner can access them, and group cannot edit or view (in case new users are members of the same group as you). Of course, if new users are able to sudo, then all bets are off unless you put the volume into a TrueCrypt container. Which might be easier.