Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I suggest that members should refresh their understanding of the LQ Rules;
Quote:
Do not post any messages that are obscene, vulgar, sexually-orientated, hateful, threatening, hostile or insulting.
Personal attacks on others will not be tolerated.
Flame Wars will not be tolerated.
Do not post if you do not have anything constructive to say in the post.
When posting in an existing thread, ensure that what you're posting is on-topic and relevant to the thread. If the content of your post will interfere with the current discussion, you should start a new thread.
Please consider the LQ Rules when responding to each other.
On Ubuntu, the simplest way would be just to create the directory as root. However any ordinary user could use sudo to access the directory unless you disable that capability for the users in question.
If the data is meant for your eyes only, then personally I would create an encrypted container for the data (using e.g. VeraCrypt) and mount it yourself only when you need access to it.
That's correct, changing ownership and moving the directory to a location that's only accessibly as root will hide it from other user accounts, but not necessarily from other users, if those users also have the ability to become root. It will also not protect against somebody booting another OS (like a live USB) and mounting the drive from there.
You could use an encrypted container (I often do this on my own computers, especially laptops that will be taken on the road, to protect sensitive data against thieves), but unfortunately whenever this container is mounted, your data will again be exposed to anybody else on the machine who has root access. Whether or not this is a problem depends entirely on the intended usage of the machine...who else has access, and more importantly, who else has sudo/root access, and when.
Last edited by suicidaleggroll; 02-09-2017 at 02:36 PM.
See his latest response. It is very important that this question was asked and answered, or he never would have received an answer that satisfied his underlying goal.
The reason people ask probing questions like this is that the English language (all languages) is ambiguous. "Hidden" means different things to different people. The reasons for asking the question can help to clarify what is really being asked, and the responses can be adjusted to suit, which is EXACTLY what has happened in this thread.
You could use an encrypted container (I often do this on my own computers, especially laptops that will be taken on the road, to protect sensitive data against thieves), but unfortunately whenever this container is mounted, your data will again be exposed to anybody else on the machine who has root access. Whether or not this is a problem depends entirely on the intended usage of the machine...who else has access, and more importantly, who else has sudo/root access, and when.
Yup. For the encryption solution, I was hoping/assuming that this was a machine that could only be used by one physical user at a time, and additionally that no-one could have remote access - hopefully the OP will get back to us on this one.
If that is the case, OP could mount the data when required and then unmount it back to its encrypted state whenever finished, and most certainly before handing access to the machine over to any other users.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.