Collaboration is a critical part of virtual work. At Microsoft, we’ve seen firsthand that the way people work together has fundamentally changed over the past year. More people are using Microsoft 36...
Unfortunately, it is not granted that a user who has read access to a file can't create edit or read links for a file. I've double-checked it in our environment.
To reproduce this, I do a test with my testuser, who would send me an edit link (I don't have access to the library or file).
The situation: We've implemented an approval process and when the file is approved, we break the permission inheritance at file level and give all users except the owner read rights to the file.
As you can see on the screenshot, the testuser has only read permission.
Now he creates the link and sends it (see the screenshots below).
With this link I received, I get edit access to the file.
And now, the really strange thing is that the shared link the testuser creates DOESN'T appear in the manage access panel. (I've checked it with the user that sends the link and the library owner account.)
As I mentioned in my comment before, the users should have the possibility to share files, even if they have just read access. (If they can't do that, they will copy and paste those files, and that's the worst thing.) But they shouldn't be able to manipulate the permission settings an owner has made at the source. That's a big security and compliance leak and a big problem for us.
The setting "Just Owners are able to create links" is not practicable and it doesn't make sense for us. An owner acts as an admin and it's not the user that daily works with the library and the library content.