How to check if someone viewed my files?
Hi!
Is there any way of checking if any other user on the same server (same home directory) who has access to my files (normal files with read-write permission) has been reading my files? Maybe some kind of a log of users browsing my files and viewing them? Thanks for any help, Peter |
No, not really. There is a last access time on files, but it's easily turned off:
ls -lu |
There is usually a log of users logged in and what time. Sometimes network traffic logs can tell what sort of info in requested. Why not ask the sysadmin?
You can also tell if files have been tampered with by checking the timestamps. If someone views a file, the timestamp will say when. Keep a copy when you logout. Note... anyone with user-access to your home directory is assumed to be reading your files. Do not assume anything else. Why would this question even come up? |
How to turn it off?
Quote:
Cheers, Peter |
Remount the partitions with the noatime option, or add it to /etc/fstab. While the last access time is useful for some types of backup, it is a performance hit. I generally turn it off on all partitions. See 'man mount' and 'man fstab'. For example:
mount -t ext3 /dev/hda3 / -o remount,noatime |
Quote:
Great, thanks a lot!! Peter |
Ommit access timestamp
Btw, is there any possibility, that someone viewed my file (e.g. with command more) and didn't change access time - so when I check:
ls -ut or stat <file> I don't see any change?? Cheers, Peter |
Yes, that's what I said in post #2.
|
... with instructions in post #5
-noatime = no access time. From the mount(8) man page Code:
noatime If the user does not have root access, then this is not a concern unless the admin has used this option on your home partition (to avoid aforesaid performance hit say.) Again: why not ask sysadmin? If the user does have root access... then your only recourse to guarantee privacy is encryption. |
Even encryption does not guarantee privacy, if the encryption is done on the computer (hint: keyloggers, memory dumps, etc.)
If you don't trust root with your work, don't use the system. |
Quote:
Just ask the Pharaohs. However, there is such a thing as making it annoyingly difficult. You can keep your keys on a removable drive... |
All times are GMT -5. The time now is 02:18 PM. |