this post was submitted on 22 Jun 2024
37 points (93.0% liked)

Linux

48183 readers
1450 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

(More) Specifics:

  • Undoing the protection should include filling in a password.
  • The password should be different from the one used with sudo or any other passwords that are used for acquiring elevated privileges.

All (possible) solutions and suggestions are welcome! Thanks in advance!

Edit: Perhaps additional specifications:

  • With 'displace‘, I mean anything involving that resembles the result of mv, cp (move, cut, copy) or whatsoever. The files should remain in their previously assigned locations/places and should not be able to 'pop up' anywhere.
  • I require for the files to be unreadable.
  • I don't care if it's modifiable or not.
  • I don't require this for my whole system! Only for a specific set of files.
you are viewing a single comment's thread
view the rest of the comments
[–] poki@discuss.online 0 points 4 months ago (1 children)

Thank you for your input! It has made me recognize that I should specify that I don't want this to be system-wide; which was not clear from the post.

What you’re describe in your post is a user who is not confident enough to manage their own machine with the CLI, and is afraid of misplacing files.

I understand why I might have given off that impression. But no worries; I'm a (relatively) seasoned Linux user. I also have no qualms with CLI or whatsoever. It's a specific set of files that I wish to 'protect'.

[–] just_another_person@lemmy.world 3 points 4 months ago (1 children)

You're aware of file permissions, right?

So if you're concerned about a specific set of files that you don't want moved, AND they're in a normal userspace location...

[–] poki@discuss.online 0 points 4 months ago (1 children)

The thing with file permissions is that I or root are able to change that. I am looking for a method (if it exists) that somehow bypasses that.

[–] just_another_person@lemmy.world 1 points 4 months ago (1 children)

Yeah, but you'd need to sudo in order to affect the files. So that's a simpler way of doing what you're suggesting.

[–] poki@discuss.online 0 points 4 months ago (1 children)

I'll straight up pose the question I asked someone else:

It seems I wasn't clear as most people misunderstood me.

But, to give a very precise example; say

  • I had a folder called ~/some/folder.
  • It was on an encrypted drive.
  • And I had done additional work to encrypt the folder again.
  • And say, I used chattr, chmod or chown or similar utilities that remove access as long as one doesn't have elevated privileges.
  • And say, I had done whatever (additional thing) mentioned in your comment.

Then, what prevents whosoever, to copy that file through cloning the complete disk?

Even if they're not able to get past the password, it will be found on the cloned disk. SO, basically, I ask for some method that prevents the file to even be copied through a disk clone. I don't care that it has three passwords protecting it. What I want is for the disk clone (or whatever sophisticated copy/mv/cut or whatsoever utility exists) to somehow fail while trying to attempt the action on the protected files.

[–] just_another_person@lemmy.world 3 points 4 months ago (1 children)

Nothing can stop anyone anywhere from cloning a storage device. You can encrypt it however many times you want, but it can still be read at the block level.

I'm not sure where the paranoia lands or is focused towards, but there is no storage device that exists that can't be copied, so if that's your hangup, you should just accept that and move on. If someone has physical access to your drives, then can copy it, but whether they can decrypt it is up for debate.

As the saying goes: given enough time and effort, anything can be brute-forced.

[–] poki@discuss.online 1 points 4 months ago

Clear. Thank you!