Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
this is done for you when you set the file's permissions...
for example, if you do a:
chmod 755 example.tar.gz
that sets the permissions of example.tar.gz to rwxr-xr-x, which makes it impossible for someone (on your system) to edit the file without knowing your password or using an exploit...
you can also (for example) set the permissions to 700 (rwx------), which would make it impossible for other users to even see the file's contents...
Originally posted by win32sux this is done for you when you set the file's permisions...
for example, if you do a:
chmod 755 example.tar.gz
that sets the permissions of exmaple.tar.gz to rwxr-xr-x, which makes it impossible for someone to edit the file without knowing your password or using an exploit...
you can also (for example) set the permissions to 700 (rwx------), which would make it imposible for other users to even see the file's contents...
I'm not the OP, but I have a related question.
What if I wanted to send the file to someone else? Will the receiver become the owner of the file once he copies it? Or what if I place it on the FTP site? Can anyone who has access to the site grab it and open it up?
I'm not sure if this is available with Linux, but some UNIX systems such as Solaris offer the command called "crypt," which lets you encrypt/decrypt files with your own password. That might be a more secure way than changing the file permissions.
yeah, once you actually download the file you can set whatever permissions you want on it... but if you didn't have read permissions for the file in the first place, then you wouldn't have been able to download it at all (without the owner's password or an exploit)...
oh, and you're right, the only way to effectively protect the file even after it has fallen into someone else's hands is to use encryption...
Originally posted by win32sux yeah, once you actually download the file you can set whatever permissions you want on it... but if you didn't have read permissions for the file in the first place, then you wouldn't have been able to download it at all (without the owner's password or an exploit)...
oh, and you're right, the only way to effectively protect the file even after it has fallen into someone else's hands is to use encryption...
Thanks for the response. I'm glad I wasn't too far off.
you can use the command
gpg -c <filename>
then it will ask for the passphrase,
you can type the password and retype it
after that you will get one file having .gpg extension
it is an encrypted file..
for decrypting you should type the command
gpg <filename>
thanks for posting vipindas, this was the first hit on google and it helped me out. Quick and good solution
crowdriver, I'm glad you found his post useful. That said, I'm sure others did too, and they did not need to post back encouraging him to keep resurrecting dead threads. You've only been here for one day, so it's understandable that you aren't familiar with our dead thread policies. Hopefully we can now let this thread rest in peace, and we can focus on the ones that are alive.
LouAlbano, if you have questions/complaints about moderation issues, I ask you to please make direct contact with the moderator(s) instead, as this isn't the proper venue. That said, I'm closing this zombie thread.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.