diff --git a/gui/src/components/uploads/EditMembersDialog.js b/gui/src/components/uploads/EditMembersDialog.js
index 7440007e19aec2139efc23c83302aebd6e755b53..43f40efc8598bdf4e25e0618befb145a12f20b49 100644
--- a/gui/src/components/uploads/EditMembersDialog.js
+++ b/gui/src/components/uploads/EditMembersDialog.js
@@ -454,7 +454,7 @@ function EditMembersDialog({...props}) {
           </DialogContentText>
           <Tooltip title="If checked, the upload can be viewed before publication even by unregistered users.">
             <FormControlLabel
-              label="Visible for all"
+              label="Publicly visible"
               control={
                 <Checkbox checked={isVisibleForAll} onChange={handleIsVisibleForAll} />
               }
diff --git a/gui/src/components/uploads/EditMembersDialog.spec.js b/gui/src/components/uploads/EditMembersDialog.spec.js
index 6565b53024f644790fa82e21dbaab2fef269acf2..eb07e0090bcf0ba27850f6cd9ddf85e74deb54be 100644
--- a/gui/src/components/uploads/EditMembersDialog.spec.js
+++ b/gui/src/components/uploads/EditMembersDialog.spec.js
@@ -248,7 +248,7 @@ test('Toggle visible for all checkbox', async () => {
   render(<UploadPage uploadId='dft_upload'/>)
 
   let dialog = await openMembersDialog()
-  let checkbox = await within(dialog).findByRoleAndText('checkbox', 'Visible for all')
+  let checkbox = await within(dialog).findByRoleAndText('checkbox', 'Publicly visible')
   expect(checkbox.checked).toEqual(false)
   fireEvent.click(checkbox)
   expect(checkbox.checked).toEqual(true)
@@ -256,7 +256,7 @@ test('Toggle visible for all checkbox', async () => {
   await waitForGUI(2000, true)
 
   dialog = await openMembersDialog()
-  checkbox = await within(dialog).findByRoleAndText('checkbox', 'Visible for all')
+  checkbox = await within(dialog).findByRoleAndText('checkbox', 'Publicly visible')
   expect(checkbox.checked).toEqual(true)
   fireEvent.click(checkbox)
   expect(checkbox.checked).toEqual(false)
@@ -264,7 +264,7 @@ test('Toggle visible for all checkbox', async () => {
   await waitForGUI(2000, true)
 
   dialog = await openMembersDialog()
-  checkbox = await within(dialog).findByRoleAndText('checkbox', 'Visible for all')
+  checkbox = await within(dialog).findByRoleAndText('checkbox', 'Publicly visible')
   expect(checkbox.checked).toEqual(false)
 
   closeAPI()
diff --git a/nomad/app/v1/routers/uploads.py b/nomad/app/v1/routers/uploads.py
index dae2381bf3579c46a76389e41d1e7c05020068f1..595ef7cfc762bc9ae75c3926ca18090727b54f0b 100644
--- a/nomad/app/v1/routers/uploads.py
+++ b/nomad/app/v1/routers/uploads.py
@@ -718,6 +718,10 @@ async def get_uploads(
         None,
         description='Only return uploads where the user has one of the given roles.',
     ),
+    include_all: bool = FastApiQuery(
+        False,
+        description='Include uploads that are shared with all users.',
+    ),
     query: UploadProcDataQuery = Depends(upload_proc_data_query_parameters),
     pagination: UploadProcDataPagination = Depends(
         upload_proc_data_pagination_parameters
@@ -729,7 +733,7 @@ async def get_uploads(
     """
     # Build query
     mongo_query = Q()
-    mongo_query &= get_role_query(roles, user)
+    mongo_query &= get_role_query(roles, user, include_all=include_all)
 
     if query.upload_id:
         mongo_query &= Q(upload_id__in=query.upload_id)
@@ -2635,14 +2639,14 @@ def _query_mongodb(**kwargs):
     return Upload.objects(**kwargs)
 
 
-def get_role_query(roles: List[UploadRole], user: User) -> Q:
+def get_role_query(roles: List[UploadRole], user: User, include_all=False) -> Q:
     """
     Create MongoDB filter query for user with given roles (default: all roles)
     """
     if not roles:
         roles = list(UploadRole)
 
-    group_ids = get_group_ids(user.user_id)
+    group_ids = get_group_ids(user.user_id, include_all=include_all)
 
     role_query = Q()
     if UploadRole.main_author in roles:
diff --git a/nomad/groups.py b/nomad/groups.py
index 66ef9c08ce24a12c57180e1beda45ba02d118713..99a2085d2bfb42a9c671a7986f6c934c9c0d77c8 100644
--- a/nomad/groups.py
+++ b/nomad/groups.py
@@ -48,12 +48,12 @@ class UserGroup(Document):
         return user_groups
 
     @classmethod
-    def get_ids_by_user_id(cls, user_id: Optional[str]) -> List[str]:
+    def get_ids_by_user_id(cls, user_id: Optional[str], include_all=True) -> List[str]:
         """
         Returns ids of all user groups where user_id is owner or member.
         Does include special group 'all', even if user_id is missing or not a user.
         """
-        group_ids = ['all']
+        group_ids = ['all'] if include_all else []
         if user_id is not None:
             group_ids.extend(group.group_id for group in cls.get_by_user_id(user_id))
         return group_ids
@@ -99,5 +99,5 @@ def user_group_exists(group_id: str, *, include_all=True) -> bool:
     return get_user_group(group_id) is not None
 
 
-def get_group_ids(user_id):
-    return UserGroup.get_ids_by_user_id(user_id)
+def get_group_ids(user_id, include_all=True):
+    return UserGroup.get_ids_by_user_id(user_id, include_all=include_all)
diff --git a/ops/kubernetes/nomad/values.yaml b/ops/kubernetes/nomad/values.yaml
index ef04f09902890b6dc6f26020856ca9867e285c4c..33955dbdfcf0fb45db2a4357c11dbe92e89858ca 100644
--- a/ops/kubernetes/nomad/values.yaml
+++ b/ops/kubernetes/nomad/values.yaml
@@ -477,6 +477,7 @@ jupyterhub:
                 # Workaround for webtop based images (no connection to jupyterhub itself)
                 if tool.get('privileged'):
                     spawner.privileged = True
+                    spawner.allow_privilege_escalation = True
                     spawner.uid = 0
 
         c.Spawner.pre_spawn_hook = pre_spawn_hook
diff --git a/pyproject.toml b/pyproject.toml
index ce34cebb61826b94e3dbb09f6ad443f8a412dac3..d57fbcbe43586ed000581140d8c17a89de2f0e0c 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -45,7 +45,7 @@ dependencies = [
     'python-magic==0.4.24',
     'pytz>=2022.7.1',
     'pyyaml>=6.0',
-    'requests>=2.27.1',
+    'requests>=2.27.1,<2.32.0',
     'rfc3161ng>=2.1.3',
     'scikit-learn>=1.0.2',
     'scipy>=1.7.1',
diff --git a/requirements-dev.txt b/requirements-dev.txt
index c2915e9e7a7c5f48fb8685553d41fcb5e1324cec..e9841e78c294d82ef783f41e389717e4441425f5 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -306,7 +306,7 @@ rdkit==2023.9.5           # via -r requirements.txt, nomad-lab (pyproject.toml)
 readme-renderer==43.0     # via twine
 recommonmark==0.7.1       # via -r requirements.txt, nomad-lab (pyproject.toml)
 regex==2024.5.15          # via mkdocs-material
-requests==2.32.2          # via docker, hyperspy, jupyterhub, jupyterlab-server, mkdocs-material, oauthenticator, optimade, pooch, pybis, pymatgen, python-gitlab, python-keycloak, requests-toolbelt, rfc3161ng, sphinx, twine, -r requirements.txt, nomad-lab (pyproject.toml)
+requests==2.31.0          # via docker, hyperspy, jupyterhub, jupyterlab-server, mkdocs-material, oauthenticator, optimade, pooch, pybis, pymatgen, python-gitlab, python-keycloak, requests-toolbelt, rfc3161ng, sphinx, twine, -r requirements.txt, nomad-lab (pyproject.toml)
 requests-toolbelt==1.0.0  # via python-gitlab, python-keycloak, twine, -r requirements.txt
 rfc3161ng==2.1.3          # via -r requirements.txt, nomad-lab (pyproject.toml)
 rfc3339-validator==0.1.4  # via jsonschema, -r requirements.txt
diff --git a/tests/app/v1/routers/uploads/test_group_uploads.py b/tests/app/v1/routers/uploads/test_group_uploads.py
index 9bdb5a2968ba85ab726429ad872a76bc6611312c..1c407a0ed3c1e360e4446bc02ce1b083880da502 100644
--- a/tests/app/v1/routers/uploads/test_group_uploads.py
+++ b/tests/app/v1/routers/uploads/test_group_uploads.py
@@ -25,7 +25,6 @@ def get_agents_from_upload(upload):
                 'id_RGg2',
                 'id_CGg123',
                 'id_RGg123',
-                'id_RGall',
             ],
             200,
             id='no-args',
@@ -43,11 +42,21 @@ def get_agents_from_upload(upload):
             [
                 'id_RGg2',
                 'id_RGg123',
-                'id_RGall',
             ],
             200,
             id='reviewer',
         ),
+        pytest.param(
+            'user2',
+            {'roles': 'reviewer', 'include_all': 'True'},
+            [
+                'id_RGg2',
+                'id_RGg123',
+                'id_RGall',
+            ],
+            200,
+            id='include-all',
+        ),
     ],
 )
 def test_get_group_uploads(