Stop root from accessing my files

MasterC · 10-17-2002, 07:17 PM

Is there a way to make it so root cannot see my files? Such as creating a directory that only I can view, and add files to it.

I mean root can log in, and go into the directory in which my directory existed, and even by typing 'ls -a' then root still wouldn't see it, so I don't mean just hidden, but even if root could see the folder, root couldn't access it.

I only have linux on my home system, so no, I am not trying to hide files from any admin dudes or anything, I am just wanting to know if you can do this, and if so, how.

Thanks for any ideas/links.

Cool

neo77777 · 10-17-2002, 07:46 PM

Basically no, root has no restrictions on the system, even if you chmod 400 your files that only you can view it, root can modify these files

DavidPhillips · 10-17-2002, 08:05 PM

you will need to encrypt your files.

mcleodnine · 10-17-2002, 08:19 PM

Crypto FS - It's available through the setup (yast2) on SuSE 7.3 and up.

MasterC · 10-17-2002, 08:49 PM

Cool, thanks guys.

I also am wondering about cross distro root access...

If I use encription for any given file, if I log into another distro on the same box, and mount the drive, can root still access the file then?

Example:
I have Slack installed on /dev/hda1
I install another Slack on /dev/hdb1
boot into /dev/hdb1 and mount /dev/hda1 on /mnt/slack1
Now, as root, I enter directory /mnt/slack1/home/ecryption
in which the files are encrypted, but I encrypted them when I was booted into slack on /dev/hda1.
Would I be able to then access them?

I think my example is more confusing than just realizing what I am asking

Anyway, any thoughts on that?

Thanks guys for participating

Cool

stickman · 10-17-2002, 09:21 PM

Encrypting the individual files will not hide them. You should look into something such as CryptoFS or StegFS.

jetblackz · 10-17-2002, 09:44 PM

visible like this?

…Z`s€`ìÿkg”<"3^ŒC»VÌ˜°õ¾0ð®AàV ^›8~å8‚"³îbÀë±Xaæµ_\DëcYa*0þ

I invite everybody to crack it. I'll give you one year.

DavidPhillips · 10-18-2002, 03:09 AM

though it's visable it cannot be read.

However it can be deleted

drthornt · 10-20-2002, 11:58 AM

chmod 000 myfile

drthornt · 10-20-2002, 12:01 PM

you need: http://www.gnupg.org/

drthornt · 10-20-2002, 12:05 PM

Oh there are many cool thing you could do.

cat your encryped file to the end of a seemingly beniegn file like tmp.txt.
you could name your file .myfile (that way root would have to ls -a to see it).
You could call it ".. " ( dor dot space ) , just like viruses do.