Opened 6 years ago
Last modified 6 years ago
#17949 new defect
Mac OS High Sierra Host - Windows 10 Guest - Shared folder is read-only
| Reported by: | MB2 | Owned by: | |
|---|---|---|---|
| Component: | shared folders | Version: | VirtualBox 5.2.18 |
| Keywords: | windows 10 mac | Cc: | |
| Guest type: | Windows | Host type: | Mac OS X |
Description
I have created a shared folder. I made sure that read-only is not checked. Virtualbox guest additions is installed. When shared folder is mounted, all directories in the Windows 10 guest are marked as read-only. Unchecking them, to make writable does nothing.
Attachments (2)
Change History (13)
comment:1 by , 6 years ago
follow-ups: 4 8 comment:3 by , 6 years ago
Sorry that you are having these problems! I am running the newer VirtualBox and Windows 10 Pro on my 2017 iMac with the latest Mohave beta and the Box is running perfectly. Is there a chance the you are running an SSD? If so I have found that if you go to any app or moist any folder and make yourself the Administrator able to Read & Write it will solve many install and related issues. High Sierra started creating these issues because of an increases security profile and it is hugely magnified in Mohave. Sure hope this helps.
Oh yes, if you are running an SSD the drive is always read-only unless you are in a directory in the Finder, like the Applications Folder.
comment:4 by , 6 years ago
Replying to JohnGregory:
make yourself the Administrator able to Read & Write it will solve many install and related issues. High Sierra started creating these issues because of an increases security profile and it is hugely magnified in Mohave. Sure hope this helps.
JohnGregory, that is an absolutely incorrect advice. You definitely do not mess with your permissions, especially in such a naive, over-simplified way. That's not a fix, that's a hack, and not a good one, it could ruin apps and/or compromise your security to a point beyond the fixable realm. If you do that to the VirtualBox folder for example, I can guarantee you that VirtualBox will stop working, because the main programs are going to lose their "setguid" bit.
Oh yes, if you are running an SSD the drive is always read-only unless you are in a directory in the Finder, like the Applications Folder.
I'm sorry, but where did this even come from? Can you give an example? A reference?
comment:5 by , 6 years ago
This is not a hack! Every Mac owner is the Administrator of his/her Mac. That is setup initially when one first activates the Mac. That is how you allow others to share your printer, monitor etc. When you install an app on a Mac, if you have a secure Mac you must enter your password to install or remove anything! That is NOT a hack but normal secure operation. Furthermore when you create a secure/encrypted drive you can do nothing anywhere unless you are the Administrator, Any Mac owner is aware of this. If your Mac is secure you cannot change anything in any folder unless you have permission to do so. That permission is granted by going to the GET INFO on any folder, aside from the System, Library and Applications folders. In fact if you create a folder in the Finder and name it Documents for instance, if you try to write/save to that folder you cannot do so unless you select yourself to be the Administrator of that folder and there you can determine if you can Read or Write or Read and Write and determine if anyone else can or cannot do the same.
As far as the SSD being Read Only one need only try to install virtually any app on the Desktop and try to Launch it. The Finder will instantly give you an Error Message stating that you cannot run, install or Read or Write an app on that drive.That is why installers install in the Applications Folder or the Library etc. Unless an app is totally self contained like EtreCheck, a diagnostic app, If you try to launch an other than a self contained one you will instantly get a message that the app cannot be opened! doubt me get access to a Mac with an SSD and try it. You will get that response 100% of the time.
In Mohave the issue becomes even more pronounced. May apps to be able to function at all you have to go to the Security Control Panel and as Administrator you must open that panel and grab permission to that app to access Information/data on that Mac and grant access to the Mac's features. This IS NOT a HACK it is normal System operation.
The new Security protocols also require the same actions for many apps. For instance, to install many extensions in QuarkExpress 2018 you must grant yourself permission as the owner and administrator to access the Container of the app so that you can grant permission to write to the Extensions folder or else the installers cannot install almost anything. As far as the VirtualBox goes it is an open a friendly environment that is open to installations etc. But you cannot install it on your Mac, if it is secure, without being the Administrator to Authorize/Give permission to install the app. That is basic Mac protocol that anyone who owns a Mac is well aware of.
I'm off to bed now. Sleep well everyone.
I hope that this answer helps. If not I would be willing to supply screenshots or whatever to demonstrate this.
I want to make one thing clear I would never do anything to jeopardize my Mac or anyone else's.
comment:6 by , 6 years ago
- This is a hack. No questions about it. A properly setup computer will *never* need a manual adjustment of permissions. A "hacked" or "tampered with" computer, will.
- I'm familiar with Macs for the last 30 years (31 to be exact). From the Classic Mac OS and the OSX's first beta, to the latest 10.14b. So am I familiar with the first and every release of WinNT (the secure one) and Win* (the free-for-all one), the 0.x Linux kernel, and an assortment of other Operating Systems. Yes, I know what an owner/admin/root is. And it's a ReallyStupidIdea™ if it's the only thing that you use on your computer, trust me.
- Have you noticed that lately all the major OSes are enforcing a "simple user" creation besides the "owner"? Except OSX of course, but I still have my hopes high, they're going to come around eventually.
- I'm familiar with OS security, more that you (or I) want to know.
- "This is my computer, I can do whatever I want to do with it", is the naive, over-simplified approach that I talked about originally. Sure it's yours, you can set it on fire if you want to, but don't complain if it doesn't work afterwards. :o
- The "Get Info" dialog from the Finder is a really, really, really simplistic approach in setting the permissions. Way too over-simplified. Not for a user that knows or understands what's going on. Just open a Terminal, and issue the command "
ls -aled /Applications". Now tell me exactly how you're going to apply the "0: group:everyone deny delete" in the "System Preferences.app" (for example). Or, how you're going to enforce the "t" in the output of "ls -aled /private/tmp/". Or, to speak VirtualBox-e, how you're going to enforce the "rws" in the "-rwsr-xr-x" output of "ls -ale /Applications/VirtualBox.app/Contents/MacOS/VirtualBox".
The forums, especially the VirtualBox on Mac OS X Hosts one, are filled with users that were "adjusting"/"correcting"/"fixing" their permissions, and they knew better. And they had to be rescued.
As I said, do whatever you want with your computer. Just don't pass around information that hasn't been thoroughly researched and/or tested. It could hurt people's setup...
As for the 10.13 policy for specifically permitting KEXTs to be installed, yes, I'm quite familiar with it. In fact I was the first one to report it back in 2017-07-15:
For the VirtualBox installation, there is a small difference for first time users of either 10.13 or VirtualBox, and that's a new policy from Apple, which requires that even known developers must be given a stamp of approval before they can install a kernel extension for the 1st time. Expect complains...
Unfortunately, I sounded like Cassandra back then...
And finally, I have absolutely no clue whatsoever what you're trying to describe with regards to the SSD being read-only. What you're describing makes (sorry to say it) no sense at all. SSD or not doesn't really matter. APFS or HFS+, might. Not so for NTFS, exFAT, or FAT32.
It sounds like you're trying to describe an application being launched from the DMG that you downloaded it from, and that gives you a warning that it's on a Read-Only system. Of course it will! DMGs are (typically) read-only, at least the ones that you download from the net. Applications that want Read-Write access (inside their own bundle) need to be installed properly. Nothing to do with SSDs.
But, this is starting to veer off to completely off-topic areas, and it might dilute the information that we asked from the OP. If the information proves that there's some sort of permissions problem, then we can see what we should do about it. Not before we have the facts, not blindly changing permissions. It's dangerous!
comment:7 by , 6 years ago
I am going to say this one more time...the procedures I have suggested are SAFE and SUPPORTED by Apple. This permission issue has nothing to do with altering the OS. It is simply a procedure provided by Apple to the user since the beginning of the Mac. The Administrator is established when you first use your Mac. That Password that you establish for Startup and Un-Locking the Locked Screen etc are all part of the users protocols that are part of using the Mac.
An excellent example of the need to change Permissions is the a case when you use an app such as Scrivener. If you delete. the app and then reinstall it and try to access the previously saved work you will not be able to get to it...you will get the message that you DO NOT HAVE PERMISSION to access theFile or Folder. The only way to get back to your work is to go to that Folder and GET INFO and authorize the Folder to be written to and Read by you the user and owner of the Mac, the Folder, the Documents etc. This is APPROVED and recommended by APPLE SUPPORT.
As far as the SSD is concerned you did not read my note very carefully. I said and will say again...You cannot run an app on the Desktop unless it is completely self-contained, such as EtreCheck the diagnostic app as I earlier mentioned. I defy anyone to try and drag ant app to the Desktop and try to run it. Cannot be done. The only thing that the OS will allow is an Alias.
Finally, the "really, really, simplistic approach" to permissions is neither ignorant or dangerous. What is dangerous is for an inexperienced user to go to the terminal and issue commands that they are not totally familiar with! Remember the Mac was created as the computer for "The Rest of Us". Simplicity is what the idea of the Mac is about. Yeah you can be a wonk and and use the terminal for every thing but there are simple fixes that are just as effective, legal and non-threatening to your Mac yourself or your data.
I admit that I am unfamiliar with the various file formats for PCs but you are correct that the problem is related to APFS in particular and that only appears on SSDs on the Mac.
I have not advocated that anyone tampers with the operations of any apps such as DropBox just the ability to access folders and directories on the drive. If you are familiar with the Mac OS you will know that you cannot change Permissions on essential directories. For instance you cannot change the 0n the System Folder, the Library Folder, the Users Folder or the Applications Folder . In fact you cannot change permissions on your Startup Drive or your Time Machine Drive.
Believe what you want...I have worked on Macs since the 1st MacPlus came off the line. I know the OS and the Mac intimately and love it and protect it.
I might get booted from this group for saying this but your intimation that I am trying to teach people to destroy or damage their Macs is way out of line. Yeah, I have the right to destroy my Mac. But I will never advocate such narrow minded approach to Mac operations as you advocate...especially what I have suggested is only something to be done ONLY when necessary. Nothing that I have suggested will hurt anyones Mac or setup!
If you are a Mac user/owner and doubt what I say call Apple Tech Support or go to the Apple Community Support site and ask the "Geniuses" and Support People on those sites if I am advocating dangerous and ill advised ideas. You will find that I am supported.
I am done with this issue. If people want me to leaven this group please post a reply as such and I will delete myself immediately. I have no desire to alienate or offend or mis-inform anyone. If I have done sop please forgive me...it was never my intention.
comment:8 by , 6 years ago
Replying to JohnGregory:
Sorry that you are having these problems! I am running the newer VirtualBox and Windows 10 Pro on my 2017 iMac with the latest Mohave beta and the Box is running perfectly. Is there a chance the you are running an SSD? If so I have found that if you go to any app or moist any folder and make yourself the Administrator able to Read & Write it will solve many install and related issues. High Sierra started creating these issues because of an increases security profile and it is hugely magnified in Mohave. Sure hope this helps.
Oh yes, if you are running an SSD the drive is always read-only unless you are in a directory in the Finder, like the Applications Folder.
I have verified that I am already the Administrator (Read & Write privileges) for the directory I am attempting to mount.
comment:9 by , 6 years ago
@MB2
As I've mentioned, you should open a new thread in the Windows Guests section of the forums (same login credentials). I'd hate to do an analysis of the logs for 1 or 2 people only. In the forums there are a lot more lurking users who can collectively benefit from the analysis. Not to mention people that use the search engines...
@JohnGregory
I'm not going to go into any further analysis, I've given you general system behavior guidelines, you've replied with examples of (badly written) specific application. You can believe what ever you want, just don't spread it around, or be ready to be corrected. And if you're so inclined, do yourself a test; take access of the /Applications or give everyone RW access. Then tell me if VirtualBox is going to run or not, and if it's not going to take a trip to the forums to have someone solve it for you!
You still think about an era where there were no permissions, no ACLs, one user, no security. You had complete reign over your computer. Things have changed. You should try and educate yourself. The points that you bring up were valid once upon a time, for OS System 6 and 7. Actually not even, there were no permissions then, except the "Locked" one. Not for OSX I'm afraid. It's a completely different, Unix-based model...
comment:10 by , 6 years ago
Related discussion in the forums: https://forums.virtualbox.org/viewtopic.php?f=2&t=89249
comment:11 by , 6 years ago
Based on the comments of the OP in the forums:
If you attempt to edit a file, using notepad, it seems to save. When accessing that file system via IIS, an error indicates that the web.config has invalid xml
it seems that the whole "read-only shared folders" was based on a misconception that the shared folders would present the advanced filesystem features that are present in other filesystems/network shares.
The Shared Folders are not read-only, it's the applications that want to access files on a Shared Folders have a different set of requirements. I believe that this ticket can be closed as "WorksForMe", or "Invalid", or similar.
You were supposed to follow these steps when you filed the bug, and provide a VBox.log:
It's usually better and faster, if issues like this one (configuration, question) get first addressed in the VirtualBox forums, a lot more eyes. More than 95% of the issues are resolved over there, which keeps the developers focusing on the bug fixes and enhancements, and there is no need for another ticket to keep track of. For example, yours is most probably not a bug and someone from the developers has to deal with it and close it as "Invalid".
So, if you can, please open a new thread in the Windows Guests section of the forums. Please be sure to mention that you came from the bug tracker and include the ticket number.