Is it possible to block access to some files/folders from outside of a Windows account?
e.g. if I boot the PC with a Linux live-USB, I can access all the files within the NTFS partitions and I'd like to avoid that
Encryption. The only way.
macOS can be told to ignore permissions on any volume it is not booted from, making it trivial to read data from it.
After comments
I had originally claimed all OSes can do this, but after multiple comments below I'm not sure if they can. There appears to be some debate as to whether this is possible on any other OS.
However, give me any boot or data drive & I can read it, so long as I mount it to another machine. I've been doing it for more years than I can remember. I exclusively use a Mac to analyse & fix various drives from other OSes & never once had any difficulty so long as they're not encrypted.
There's just a checkbox to switch off permissions.
I use the Mac to do this for several reasons, one is that simple checkbox, the other is the simplicity of fixing/cloning/rescuing non-Mac drives compared to doing it under native conditions or from command-line 'live' unix rescue solutions.
A simple example with 2 volumes mounted on a Mac. One is a direct clone of the other, though not absolutely up to date so they are not literally identical. Both are bootable volumes, of course. The one on the left is the current boot volume, the other merely mounted as any other internal drive.
The non-boot volume has a simple switch to ignore permissions, giving me unlimited access, unfettered by any restriction applied while it is the boot volume. Note the permissions are already slightly different, as the OS itself does not claim to 'own' the filesystem on the clone. If I swap which drive I'm booted from, these permissions will swap one to the other, as will the 'ignore ownership' flag.
No OS respects permissions applied to a non-boot drive
this is ofcourse horribly wrong. All I did was make this clear.
Commented
Jan 1, 2021 at 14:55