somebody is looking my files
Hello,
I would like to know how I can detect who access my account. I am a simple user and I change the permissions of my directories so that only me and root and/or super users can see my files. However, I would like to know what root/superusers do when they get into my account or if somebody try to see my files. Thanks in advance. |
You can tell the last time a file was accessed via the file's inode "access" time. This won't tell you who accessed the file, but if you keep good records (or if you haven't accessed the file in a long time yourself), you could use it to tell when it was last touched, assuming the "touch"ers didn't cover their tracks.
You could try either: Code:
perl -e 'print "Last Access: ".(localtime((stat("file_in_question"))[8]))."\n";' I guess a better answer would be that if you can't trust your server admins, you have bigger problems ;) |
Denying file access to root (possible?)
Suppose I've a file named passwd which contains a list of my passwords
Is it possible to deny access to this file to root? If not atleast can I encrypt the file so that even root cannot decipher it? |
It's not possible to deny the root user (or any "administrative" user via "su" or "sudo") access to any file you own. No matter what the permissions, root always has access (with possible exception of /proc filesystem).
You can encrypt the data with something like the GNU Privacy Guard (GPG) or another encryption program. It's possible to encrypt the file with a good password so that, even though root can "access" the file, they cannot "unlock" it. One possible problem with this is that the admin users could employ a keystroke or terminal logging utility to capture your password should you unlock the file. Again, this all goes back to my previous comment - if you can't trust the server admins, who can you trust? Maybe your file is best kept elsewhere. |
For some reason Linux doesn't come with the generic UNIX crypt program, at least my copy of Mandrake didnt. I believe there are copies of it you can download though.
Also, check the man page for vi... it has a -x option for handling encrypted files. |
All times are GMT -5. The time now is 05:02 PM. |