Problem

You notice your workspace root (main) folder is visible to other users in the workspace, even though the folder permissions are set to you and the workspace admin.

Cause

Under workspace/Users, if a user has permission to view a nested object within a folder, they will also have visibility of the folder.

When you share a file or object inside your root folder and then move it to the Trash, its permissions remain intact for 30 days. During this period, a user with access to the object in the Trash retains the ability to view the parent folder, even though they cannot access its contents.

Solution

Navigate to the Trash folder and permanently delete all objects in the Trash. This immediately removes any residual permissions tied to those objects.

Beyond manual Trash cleaning, the Daily Task Service permanently deletes objects in the Trash after 30 days. Once the objects are deleted, unauthorized users will no longer see the main folder.

Databricks recommends avoiding sharing files directly from sensitive folders. Instead, create separate folders for shared files to better control visibility and permissions.