If we would index the Personal Directories of all Employees (Integrate them into an File System Repository), so that every Employee can search public documents PLUS his own personal files(trex), there are a few Problems concerning security:
We need a User who has access to all personal files on the file system, who is used for mounting the directories.
The User index_service needs full access to all personal files.
But the main Problems are the system Principals. Every User, who has a Role, that has System Principal right (full read and write access) can access all personal files, that are integrated in a File System Repository. For Example every User, who is a Content-Admin.
Is there an opportunity to restrict access to personal files even to these Users?
Thanks in advance,