Currently when restricting a content editor's access in the CMS to only be able to edit content on specific websites they are still able to see the all the websites in the multi site environment and browse the content tree of the sites they don't have access to. This is presumably due to the 'Everyone' group requiring read access so annoymous visitors can access the websites externally.

Can the permissions logic be changed so only the websites the current user has access to can be seen in the tree?

I found this partial solution from Mark Hall, https://world.episerver.com/blogs/Mark-Hall/Dates/2018/5/hide-sites-in-page-tree-for-editors-without-create-or-edit-access-rights/, but because we're using Find on the site, when a user searches within the CMS for a page or asset Find returns results containing pages and assets that the current user doesn't have access to.