how to hide the mount point from user ?

vinayak099 · 01-23-2014, 03:04 AM

Hi,

I am just doing some R&D on Unified File System and my requirement is to hide the new mount point mointed with UFS should be hidden for some security reasons (without unmounting). Might be my requirement is strange. Please help me in getting the answer. if it is impossible then atleast show me the way to hide the files and directories under mount point (files and directories should not list out using any command).

ex :
Before mounting with UFS
# ls /dev/sdb
dir1 file1 link1

# ls /dev/sdc
dir1 dir4 link1

After mounting with UFS

mount -t unionfs -o dirs=/dev/sdb=rw:/dev/sdc=rw unionfs union2

# ls union2
dir1 dir4 file1 link1

Now files and and directories are merged.

but we can see the mount point and the files under it. How to hide this mounted directory ? orelse atleast hide the contents ? is there anyway to do it ?

druuna · 01-23-2014, 03:14 AM

Why would you want to hide mount points and/or its content? I'm not even sure this is possible.

If the system is set up correctly than the permissions on directories and files will make sure that a user cannot enter/view/edit/execute these. If the basic Unix/Linux permissions aren't good enough to do this you could use ACL's for a more fine-grained setup.

Hiding mount-points (and/or directories/files) is security by obscurity, which shouldn't be done. Don't hide it, make sure the permissions are set up correctly.

vinayak099 · 01-23-2014, 03:27 AM

Yeah you are right it is a security breach.

Well I will explain with an example why I need it.

assume there is a application which is performing I/O on that particular mount point and storing and reading some important data (data should not be stored in encrypted format as those files will be read and written much frequently. If we provide encryption layer in between then access will become slow). If user normally goes and does "ls" on that mount point then he can easily see the files which is not expected.

Basically if user does "ls" on the mount point, it should not display anything.

As you say, If I set permission on that then I/Os will get failed.

druuna · 01-23-2014, 04:12 AM

Quote:

Originally Posted by vinayak099

Yeah you are right it is a security breach.

I did not say that. Up to this point I don't see anything that points to a security breach.

Quote:

assume there is a application which is performing I/O on that particular mount point and storing and reading some important data (data should not be stored in encrypted format as those files will be read and written much frequently. If we provide encryption layer in between then access will become slow). If user normally goes and does "ls" on that mount point then he can easily see the files which is not expected.

Basically if user does "ls" on the mount point, it should not display anything.

As you say, If I set permission on that then I/Os will get failed.

The approach you are after is wrong.

First of all:
- If the data used by the application is that important than you should separate it from other data,
- If the data is really, really important than it should be encrypted. Slowness isn't an issue (don't let the hardware dictate your specs, your specs should dictate the hardware).

Secondly: The permissions used (owner, group and world) on files and/or directories should be set according to rules about who is and who isn't allowed access. If, for example, the application data is owned by app1 and group apps and the world (others) do not have any permissions (example: 750 or 770) and normal users are not a member of the apps group than they cannot access the data owned by app1.

If a normal user does need legal access: Make that user member of the apps group.

BTW: Being able to use ls might(!!) not be a problem. They will only be able to see the file names and unless the file/directory names itself contain sensitive info, that might not be a problem.

vinayak099 · 01-23-2014, 07:32 AM

When I mount with unionfs over 2 directories, both will be merged and there will be another mount point along with original mount.

If user creates a file on original mount point it will not be shown in unified mount point. So I dont want to showcase that original mount point.

In other words, original mount point should be hidden or files in that should be hidden (ls should not show anything). So that there will be unified view of both the directories.

In any case user should be able to browse files present in newly created (mounted with unionfs) mount point.

Hope, I am not pulling the things much and confusing.

druuna · 01-23-2014, 07:49 AM

You are stuck with the idea of hiding stuff, which is the wrong approach (and might not be possible). I tried to explain why in my previous replies.

I do believe unionfs has this covered with the possibility to set priority and the use of read-only and read-write file-systems.

I'm not too familiar with unionfs, the above info is from this article: UnionFS

vinayak099 · 01-30-2014, 12:23 AM

Can I do like this ?

Assume that there are two pendrives connected to linux machine.

and we can see both the pendrives connected.

I dont want to see two pendrives on my machine instead it should show only one pendrive which is of size (pendrive1 + pendrive2). Can we hide both and show only one storage ?

something like

when we attach a disk (without partition), we can see one disk. Once we logically divide the disk then there will be multiple disks and integrated disk view is not available.

Anyhing like that. Can we do ?

slimm609 · 02-01-2014, 08:37 PM

You CAN hide a directory but it does require a kernel patch. http://grsecurity.net You will have to set up MAC on the system using grsecurity but you can define what directories can be seen by what users. The hiding of the directories happens at a kernel level so it is the one of the best approaches that you will find on hiding directories from users.

273 · 02-01-2014, 08:47 PM

Apologies if this is out of turn as I don't keep up too much with this kind of thing but might there be some way to use the built-in AES instructions of modern processors to achieve almost transparent encryption? I think that was the aim of them.

voleg · 02-02-2014, 05:25 AM

My 5 cents:
# mount -o bind /parentdir /anotherplace

Then /anotherplace will contain only content of /parentdir without what mounted beneath.

vinayak099 · 02-02-2014, 10:51 PM

Thanks for your kind responses. I will try whatever you suggested. Hope I get the expected result. If not I will Continue the thread again ..

vinayak099 · 02-03-2014, 05:52 AM

@slimm609 : I have downloaded the patch "grsecurity-3.0-3.2.54-201401281850.patch" file from grtsecurity.net.

Getting more confliction when I applied on "linux-3.11". Can you please let me know which version of the kernel does it support ?

If you are comfortable, then can you please point me how it achieves the hiding the things in brief (brief idea).

Thanks in advance/

slimm609 · 02-04-2014, 03:04 PM

Quote:

Originally Posted by vinayak099

@slimm609 : I have downloaded the patch "grsecurity-3.0-3.2.54-201401281850.patch" file from grtsecurity.net.
Getting more confliction when I applied on "linux-3.11". Can you please let me know which version of the kernel does it support ?

the filename will always contain the version of the kernel. In this case the one you downloaded is for 3.2.54 kernel.

John VV · 02-04-2014, 03:37 PM

you can always put a "." in front of it and make it a dot folder

but that really is NOT HIDING

is is a basic protection from making a mistake and deleting a SYSTEM FILE
like the ~/.config folder in your home folder.

Partitions are normally auto mounted a READ ONLY by non root users

set the correct permissions so that ONLY root and the one user can read the partition

then other users will not be able to ever read the data .

Quote:

I dont want to see two pendrives on my machine instead it should show only one pendrive which is of size (pendrive1 + pendrive2).

that is not hiding a partition

it is a LVM or a raid set up

on on a usb ????
might not be possible .( at least easily )