Joe, the folders had:
Kevs (me) Read and WRite
everyone Read and Write
these are on one external hard drive attached to a new imac
Get Info on the disk volume. At the bottom of the info window is a checkbox labeled "Ignore ownership on this volume". Uncheck it.
By default, the checkbox is checked (that is, ownership is ignored) for any disk volume that is not the startup volume. You have to uncheck it to make OS X pay attention to ownership on the volume.
The idea is that external disks are, in practice, usually used like large floppies, for carrying files from one machine to another by
sneakernet. The Unix security model is an extremely poor fit to this usage. Unix permissions identify users by a numerical
userid, and the numbering on one machine has no relationship with the numbering on another. Even a user who has the same user name on two machines may have different userids on those machines. It would be irritating at best if files the user put on the disk from one machine couldn't be read from another machine just because the numeric userids didn't match. For that matter, if you're really just sneakernetting files, you expect that whomever you give the disk to should be able to read it, even if they're not you.
The way this works is that everything created on or copied to a disk volume with "Ignore ownership" turned on is marked as owned by the special user with userid 99, whose name is usually "unknown" or "_unknown". The group of the file is set to group 99 (also usually named "unknown" or "_unknown"). Don't confuse either of these with "(Unknown)", with parentheses. That's the name Finder attaches to a numeric userid or groupid that it doesn't recognize.
If you try to access a file or folder on a disk volume with "Ignore ownership" turned on, it behaves as is it were owned by this same "unknown" user and group, even if it isn't really.
What makes "unknown" magical is that it's a chameleon. Any user except the superuser who looks at a file owned by "unknown" always sees it as if it were owned by whoever is doing the asking. Likewise for group: a file with group 99 behaves like it's in the primary group of whoever is asking (except, again, when the superuser asks—nobody lies to the superuser).
One important thing to keep in mind is that the setting of the "Ignore ownership" flag is
not stored on the disk. Each computer (actually, each startup volume) keeps a list of all the disk volumes it has ever seen, and what setting that flag has for that disk from that machine. A new never-before-seen disk volume starts off with the flag set.
Thus, the flag can easily have different values on different computers, even for the same disk, so something that's read/write on one machine may be read only on another. If you erase the disk, the flag turns on again on all computers, because they see it as a new disk volume.
The reason this works well with sneakernetting is that if
either machine has elected to ignore ownership, files automatically appear to be owned by whomever is looking, and users invariable give themselves read-write access to their own files.
As for the "everyone" line... That's part of the standard Unix permissions model. In the standard model, every file (and folder) has an owner and a group. (A group is a collection of users. A group can contain zero or more users, and a user can be in one or more groups. Groups are useful to conveniently share files between users on the same computer; put the users together in a group, and mark the shared files with that common group.)
In addition to a (numeric) owner and group, each file also has 9 permission bits, 3 for the owner, 3 for the group, and 3 for everyone else. Those three bits grant read access, write access, and execute access.
When the owner of a file tries to access a file, the 3 owner bits are consulted and the others are ignored. If a non-owner tries to access a file, if the non-owner is in the same group as the file, the 3 group bits are used. Otherwise, the 3 everyone-else bits are used.
That's why, when you look at permissions in Get Info, there will
always be a line for "everyone". That's part of the standard Unix permissions model. And I repeat, it applies only to the users who are not the owner of the file (which Finder lists as the last "one-head" line) and also are not in the group of the file (which Finder lists in an optional "two-head" line following the owner line). The "everyone" line is the "three-head" line at the bottom.
BTW: any lines that Finder shows before the owner (last "one-head" line) correspond to ACLs, a topic you are invited to research elsewhere. If one of those is a "two-head" line for everyone, in addition to the "three-head" line at the bottom, that's probably a mismatch between the OS X versions on the two machines. One of them is showing an ACL that the other is hiding. If that's the case, we can talk. This post is long enough already.
As for why "everyone" has write access, you'd have to look at the progeny for the files. By default, most files are born read-only to group and everyone, but it's really easy to get that write access attached. When files are copied, their permissions are usually carried across to the copy. (But the owner is usually changed to the user doing the copy, and the group is taken from the group of the destination folder. Usually.)