This would be secure for everything except downloading
(since anyone with a little sense could figure out how
to download each file, as long as loc1 isn't altered).
Make it so only admins and the user with the password
can edit, delete, etc that user's file. File and
directory ownership is tracked, so only the owner of
the file or an admin can add a password.