Hi Friends,

How can we hide a file so no one can see that file even root?

If we can rename the file with .(dot), we can list them using ls –la, so it will not work.

Thanks for your cooperation!!

Why would you want to do such a thing?

If you are using Ubunutu 8.10 you can use the new Encrypted Private Directory to keep your files private.

Actually I am writing a script in which there will be some files and I want to put them on hide and using redhat linux.

Don't misunderstand what I am going to say, but what you are asking to do is something hackers/crackers would do to cover their tracks. You want steps to hide your script and file(s) from root as well.

You can do what AuroraCA said, create a encrypted private directory or you can create an encrypted tar file. Hiding a .dot directory or .dot file is not that simple, especially from a knowledgeable root user.

- Cheers

Just a word of advice, and I hope you take it constructively. If this is in a work environment, I wouldn't even try to hide things from the administrators. Companies have a habit of feeling very strongly about this sort of thing when they find it. If it's something that doesn't belong on the server, then it simply doesn't belong there. If it's work-safe but you have some valid reason that you don't want anyone to know about it, then I'd discuss it with your supervisor anyway. Maybe he will have a suggestion for you. If it's on a school server, then you should consider the same issues.

By definition, root has god-like powers. If you had such privilege, then you would be more powerful than root, and that would be a paradox.

JATA;

If you don't want to tell us why you want to hide something from the root user (AKA the administrator---ie the person who is responsible for the computer), then noone should really be helping you.

Please tell us what you are up to and specifically why you would need to hide something from the administrator.

It is not really possible. The only way to hide them is to rename them with '.' at beginning, but then they are still there and you can list them. To do what you want is not possible, because you would never be able to find them again as anyone. Think about it and maybe you'll understand. If you hide the files and nobody can see them, how do you get them back ? I guess deleting the files would be what you want, that would satisfy all your conditions. Then you could attempt to recover them with something like foremost.

Thank you all !!

I just got an idea, if we hide some files from our other resources even root. They will not see them, only they can able to execute.

sooo....
chown someuser:someuser donotopen.txt
chmod 300 donotopen.txt
???

root can do anything though... and an administrator may be able to do anything (depending on if they have a special group or if they have root powers.)

If you are concerned about readability for privacy reasons... you can always just store it on a flash drive.

BUT if you really want to be sneaky AND you have root powers AND you want it to persist

create a swap file (file not partition)
some how restrict the swap system from using it
encrypt the data stream then 'dd' it into the swap space.

This would give you a prealocated space of a predefined amount where you can store and retrieve encrypted data from that is pasted it with any type of format and space you want. Nobody can simply read the swap space short of viewing it in hexadecimal, it's encrypted, and the format is unknown.

the previous post was right though... what you want is something a virus or a hacker would do. Coincidently, this is something windows does on a regular basis with desktop.ini files I guarantee you, the number of desktop.ini files you can find with linux viewing the ntfs partition will outnumber the amount you can find using the gui search in windows. Not to mention the recycling bin! don't get me started on that!

I don't know what do you think you found. But root is root. Period. It can do anything, and that includes seeing every file, and being able to restore and change permissions for any file.

If your concern is privacy, look into encryption. Then you are going to be sure that unless they have your key they can't decrypt the file to look inside. However, that will probably annoy them, and they could just delete any encrypted file they find around without any warning as well.

Decided to delete this message