Nextcloud and the "need-to-know" principle
This principle states that a user shall only have access to the information that their job function requires, regardless of their security clearance level or other approvals.
That means that by default, if no permissions are granted to a user, he/she cannot see or access any folder or file.
Let's consider the following:
👤 a user U
📂 a group folder GF, that U can access.
📂 a folder F, located somewhere in the groupfolder GF.
We want that, by default, U cannot access F (even if U has access to the groupfolder).
For U to access F, a specific permission must be given to the user.
Subscriber exclusive content
A Nextcloud Enterprise Subscription provides unlimited access to our knowledge base articles and direct access to Nextcloud engineers.
Customers and Partners
Log in for full accessLog in