03-01-2012, 05:19 AM
|
#1
|
LQ Newbie
Registered: Mar 2012
Posts: 2
Rep:
|
Is it possible to deny super user to access a file/folder in linux.
Hello
I am trying to create a folder locking application.
In which, if a folder is locked, the only way to open that folder is by entering the password; even root should not be able to open it.
Is it possible?
Any Guidance is Appreciated
|
|
|
03-01-2012, 05:46 AM
|
#2
|
Senior Member
Registered: Jun 2011
Location: Stuttgart, Germany
Distribution: Mint, Debian, Gentoo, Win 2k/XP
Posts: 1,099
|
Hi there,
Quote:
Originally Posted by karanace
I am trying to create a folder locking application.
In which, if a folder is locked, the only way to open that folder is by entering the password; even root should not be able to open it.
Is it possible?
|
not by using the standard Unix mechanisms. It's part of the design that the root user is granted access to any file.
If you want to lock out any user regardless of their privileges (including root), you might consider encryption instead of just denying access. That way, anybody may access the file, but it's just garbage without knowing the decryption key.
[X] Doc CPU
|
|
|
03-01-2012, 03:32 PM
|
#3
|
Member
Registered: Aug 2011
Posts: 295
Rep:
|
I don't think you can reach true security if your enemy is All Mighty Root Itself.
Even if you use encryption (openssl, cryptsetup, etc), All Mighty Root is the Owner of the Machine. He can install keyloggers to track your activities, perform "undelete" techniques on temporary folders and carry out many actions that will allow Him to discover what you are daring to do in His Holy Machine.
In short: if All Mighty Root is a skilled professional administrator, He will own your data if so is His will. If He is not, you can take the risks and use encryption. I recommend dm-crypt plus an easy script to mount or umount it. At the end, it depends on your threat model and your adversaries.
Last edited by BlackRider; 03-01-2012 at 03:33 PM.
|
|
|
03-01-2012, 03:38 PM
|
#4
|
Senior Member
Registered: Jun 2011
Location: Stuttgart, Germany
Distribution: Mint, Debian, Gentoo, Win 2k/XP
Posts: 1,099
|
Hi there,
Quote:
Originally Posted by BlackRider
Even if you use encryption (openssl, cryptsetup, etc), All Mighty Root is the Owner of the Machine. He can install keyloggers to track your activities, perform "undelete" techniques on temporary folders and carry out many actions that will allow Him to discover what you are daring to do in His Holy Machine.
|
if you're that paranoid, you'll never have anything near security unless you're root yourself.
But usually, the root user (administrator) should be considered a trustworthy person. If you don't have that confidence, you should look for someone else or run your own server. However, that requires a lot of knowledge and experience. A machine that is connected to the internet and operated by an unskilled admin is a potential threat to other services.
[X] Doc CPU
|
|
|
03-01-2012, 04:37 PM
|
#5
|
Member
Registered: Aug 2011
Posts: 295
Rep:
|
Quote:
But usually, the root user (administrator) should be considered a trustworthy person. If you don't have that confidence, you should look for someone else or run your own server.
|
It depends. Sometimes I use systems which belong to an All Mighty Root who is a bastard, and I take precautions because of that. The fact that He is All Mighty does not turn Him into a good Owner.
By using a system that belongs to a Root who is not you, you are giving Him some trust. I just posted my paranoid message because I was assuming that karanace has reasons not to trust the Root Who Rules the System with His Limitless Powers.
If we are talking about a multiuser computer owned by an average family, I guess that most of the time He Who Rules the Operating System is not a real danger for the users even with His Supreme Wisdom and Domination capabilities. However, there are many reasons why information can leak into the hands of Root, not because He is spying on you, but because He is doing Maintenance. If He is using a packet sniffer to troubleshoot a network, or reviewing the logs, or fixing a misconfiguration caused by a user by entering his $HOME folder, there is a chance that He will discover information you preferred to be secret.
|
|
|
03-01-2012, 05:12 PM
|
#6
|
Senior Member
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,796
Rep:
|
Root has full access to the kernel. The kernel has full access to everything. Therefore root has full access to anything.
Short answer: no
You could do things like encrypting the file, making it useless to root. But this is not secure as it is still vulnerable to the evil maid attack, where root+kernel are the evil maid. If you decrypt the data on the same machine, the evil maid's planted software can capture either the encryption passphrase, or the decrypted data.
If it's a file server or backup server and the data is already encrypted when it comes in, root isn't going to know what to do with it. It might give it back unchanged. It might mangle it but you could detect that. It might throw it away, but you'd figure that out, too.
|
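Added example, not part of the thread: the last case in post #6 (data already encrypted before it reaches the machine) sketched as encrypt-then-MAC with the openssl command line, so a host with an untrusted root can only return the data unchanged, return it detectably mangled, or lose it. The function names, the three-file layout (`.iv`, `.ct`, `.tag`) and the key handling are assumptions made for this illustration.

```sh
#!/bin/sh
# Added illustration (hypothetical helper names). Run seal/open_sealed only on
# a machine whose root you trust; only the .iv/.ct/.tag files go to the
# untrusted host. Keys appear on openssl's argv, acceptable only on that
# trusted machine.

new_keys() {    # prints "ENC_KEY_HEX MAC_KEY_HEX"; never store on the untrusted host
    printf '%s %s\n' "$(openssl rand -hex 32)" "$(openssl rand -hex 32)"
}

hmac_hex() {    # hmac_hex MAC_KEY_HEX FILE... -> hex HMAC-SHA256 over the files
    mac_key=$1; shift
    cat "$@" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$mac_key" \
        | awk '{print $NF}'
}

seal() {        # seal ENC_KEY MAC_KEY PLAIN OUT_PREFIX
    iv=$(openssl rand -hex 16)                  # fresh IV for every seal
    printf '%s\n' "$iv" > "$4.iv"
    openssl enc -aes-256-ctr -K "$1" -iv "$iv" -in "$3" -out "$4.ct" || return 1
    hmac_hex "$2" "$4.iv" "$4.ct" > "$4.tag"    # MAC covers IV and ciphertext
}

open_sealed() { # open_sealed ENC_KEY MAC_KEY IN_PREFIX PLAIN_OUT
    # "Thrown away": any missing piece is a failure, not an empty result.
    [ -f "$3.iv" ] && [ -f "$3.ct" ] && [ -f "$3.tag" ] || return 1
    # "Mangled": verify the MAC before touching the ciphertext.
    want=$(hmac_hex "$2" "$3.iv" "$3.ct")
    [ -n "$want" ] && [ "$want" = "$(cat "$3.tag")" ] || return 1
    openssl enc -d -aes-256-ctr -K "$1" -iv "$(cat "$3.iv")" -in "$3.ct" -out "$4"
}
```

This does not detect the host handing back an older, validly sealed copy; keeping a version counter or the latest tag on the trusted side covers that.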
|
|
03-01-2012, 05:26 PM
|
#7
|
Senior Member
Registered: Jun 2011
Location: Stuttgart, Germany
Distribution: Mint, Debian, Gentoo, Win 2k/XP
Posts: 1,099
|
Hi there,
Quote:
Originally Posted by Skaperen
Root has full access to the kernel.
|
yes, and that's the important difference between the rights management in Linux and Windows. In Windows, the root user (or Administrator, for that matter) is subordinated to the kernel. There's the "Administrator" account that can do almost anything, and there's the "SYSTEM" account that can lock out even the Administrator.
That's why tools like the "PowerPrompt" have their reason to exist - a console that runs with the privileges of "SYSTEM", not only "Administrator".
[X] Doc CPU
|
|
|
03-01-2012, 05:40 PM
|
#8
|
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Rep:
|
Quote:
Originally Posted by karanace
Only way to open that folder is by entering the password; even root should not be able to open it.
|
Short answer: encrypt it. Use a vetted program / cipher, and a strong key.
Longer answer: if root is untrusted, that's probably not enough. Get a FIPS 140-2 Level 3 certified USB drive. Keep your sensitive files on that.
Last edited by anomie; 03-01-2012 at 05:58 PM.
Reason: pared lewdness.
|
|
|
03-01-2012, 07:23 PM
|
#9
|
Senior Member
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,796
Rep:
|
You still have to trust the platform(s) you plug the secure drive into, or else don't key it in. You have to know what you trust, and also know if anything you don't trust might be in the mix.
Have you checked your keyboard cable today?
|
|
|
03-01-2012, 11:45 PM
|
#10
|
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Rep:
|
If that's the direction we're going, then try this:
http://tinfoilhat.shmoo.com/
(Specifically designed to avert hardware keystroke logging.)
|
|
|
03-02-2012, 03:03 AM
|
#11
|
Member
Registered: Aug 2011
Posts: 295
Rep:
|
Quote:
You still have to trust the platform(s) you plug the secure drive into, or else don't key it in.
|
Correct. Even if your Hardware Encrypted files aren't leaked during decryption, if you process them with an application (LibreOffice, vim, whatever), this application could be leaking information to temporary folders. The usability of this data may vary. Even if you delete the temporary files, Root can perform an undelete action on the affected filesystem and recover some information.
Quote:
Root has full access to the kernel. The kernel has full access to everything. Therefore root has full access to anything.
|
You don't even need to modify the kernel or change the initramfs (if any). [...]
EDIT: I had described a basic way for Root to intercept a password, but I am not sure if that complied with the rules of this forum. Just think that Root + Bourne Shell abilities = Your password belongs to Him!
Last edited by BlackRider; 03-02-2012 at 03:10 AM.
|
|
|
03-02-2012, 09:51 AM
|
#12
|
Senior Member
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,796
Rep:
|
Quote:
Originally Posted by BlackRider
EDIT: I had described a basic way for Root to intercept a password, but I am not sure if that complied with the rules of this forum. Just think that Root + Bourne Shell abilities = Your password belongs to Him!
|
Root == MitM, Evil Maid, etc
|
|
|
03-03-2012, 12:22 AM
|
#13
|
LQ Newbie
Registered: Feb 2010
Location: delhi, India
Distribution: ubuntu 8.04
Posts: 3
Rep:
|
How to protect your data from root user... simple.
The first option is for you to use PeaZip, which is a cross-platform archiver. You could lock your data safely and leave it anywhere on the network safely.
You can also delete your stuff securely without any chances of recovery using the multi pass delete option. PeaZip comes in two formats: (a) installable on Desktop (Windows, GNU/Linux...), (b) portable, installed on a pen drive.
Suit yourself.
There is another alternative: use TrueCrypt to safeguard your data. It hides the data and makes it difficult for anyone to guess the existence of data on the PC.
|
|
|
All times are GMT -5.