I switched on Enable User Folders on existing site.
There happened to be no Members folder I discovered and created that manually in ZMI.
My Folder appeared nicely and added some private content. I created a second user with Editors right.
Switch to Volto as the editor user after restart of my browser and sureprisingly i could see and delete all My Folder stuff of the other user (who had admin +site rights btw).
Is that normal or a security leak?