LinuxQuestions.org
Old 03-01-2012, 05:19 AM   #1
karanace
LQ Newbie
 
Registered: Mar 2012
Posts: 2

Rep: Reputation: Disabled
Is it possible to deny super user to access a file/folder in linux.


Hello
I am trying to create a folder locking application, in which, if a folder is locked, the only way to open that folder is by entering the password; even root should not be able to open it.
Is it possible?

Any Guidance is Appreciated
 
Old 03-01-2012, 05:46 AM   #2
Doc CPU
Senior Member
 
Registered: Jun 2011
Location: Stuttgart, Germany
Distribution: Mint, Debian, Gentoo, Win 2k/XP
Posts: 1,099

Rep: Reputation: 344
Hi there,

Quote:
Originally Posted by karanace
I am trying to create a folder locking application, in which, if a folder is locked, the only way to open that folder is by entering the password; even root should not be able to open it.
Is it possible?

not by using the standard Unix mechanisms. It's part of the design that the root user is granted access to any file.
If you want to lock out any user regardless of their privileges (including root), you might consider encryption instead of just denying access. That way, anybody may access the file, but it's just garbage without knowing the decryption key.

[X] Doc CPU
 
Old 03-01-2012, 03:32 PM   #3
BlackRider
Member
 
Registered: Aug 2011
Posts: 295

Rep: Reputation: 101
I don't think you can reach true security if your enemy is All Mighty Root Itself.

Even if you use encryption (openssl, cryptsetup, etc), All Mighty Root is the Owner of the Machine. He can install keyloggers to track your activities, perform "undelete" techniques on temporary folders and carry out many actions that will allow Him to discover what you are daring to do in His Holy Machine.

In short: if All Mighty Root is a skilled professional administrator, He will own your data if so is His will. If He is not, you can take the risk and use encryption. I recommend dm-crypt plus an easy script to mount or umount it. In the end, it depends on your threat model and your adversaries.

Last edited by BlackRider; 03-01-2012 at 03:33 PM.
 
Old 03-01-2012, 03:38 PM   #4
Doc CPU
Senior Member
 
Registered: Jun 2011
Location: Stuttgart, Germany
Distribution: Mint, Debian, Gentoo, Win 2k/XP
Posts: 1,099

Rep: Reputation: 344
Hi there,

Quote:
Originally Posted by BlackRider
Even if you use encryption (openssl, cryptsetup, etc), All Mighty Root is the Owner of the Machine. He can install keyloggers to track your activities, perform "undelete" techniques on temporary folders and carry out many actions that will allow Him to discover what you are daring to do in His Holy Machine.

if you're that paranoid, you'll never have anything near security unless you're root yourself.

But usually, the root user (administrator) should be considered a trustworthy person. If you don't have that confidence, you should look for someone else or run your own server. However, that requires a lot of knowledge and experience. A machine that is connected to the internet and operated by an unskilled admin is a potential threat to other services.

[X] Doc CPU
 
Old 03-01-2012, 04:37 PM   #5
BlackRider
Member
 
Registered: Aug 2011
Posts: 295

Rep: Reputation: 101
Quote:
But usually, the root user (administrator) should be considered a trustworthy person. If you don't have that confidence, you should look for someone else or run your own server.

It depends. Sometimes I use systems which belong to an All Mighty Root who is a bastard, and I take precautions because of that. The fact that He is All Mighty does not turn Him into a good Owner.

By using a system that belongs to a Root who is not you, you are giving Him some trust. I just posted my paranoid message because I was assuming that karanace has reasons not to trust the Root Who Rules the System with His Limitless Powers.

If we are talking about a multiuser computer owned by an average family, I guess that most of the time He Who Rules the Operating System is not a real danger for the users even with His Supreme Wisdom and Domination capabilities. However, there are many reasons why information can leak into the hands of Root, not because He is spying on you, but because He is doing Maintenance. If He is using a packet sniffer to troubleshoot a network, or reviewing the logs, or fixing a misconfiguration caused by a user by entering his $HOME folder, there is a chance that He will discover information you preferred to be secret.
 
Old 03-01-2012, 05:12 PM   #6
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,796
Blog Entries: 31

Rep: Reputation: 176
Root has full access to the kernel. The kernel has full access to everything. Therefore root has full access to anything.

Short answer: no

You could do things like encrypting the file, making it useless to root. But this is not secure as it is still vulnerable to the evil maid attack, where root+kernel are the evil maid. If you decrypt the data on the same machine, the evil maid's planted software can capture either the encryption passphrase, or the decrypted data.

If it's a file server or backup server and the data is already encrypted when it comes in, root isn't going to know what to do with it. It might give it back unchanged. It might mangle it but you could detect that. It might throw it away, but you'd figure that out, too.
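
Added example (not part of the original thread, and not any poster's code): one way to detect the three outcomes listed in post #6 when files are encrypted before they reach a server whose root is untrusted. The client keeps a small manifest of keyed tags, one per file name; all function names and sample values here are hypothetical, and the byte strings stand in for files already encrypted with a vetted tool.

```python
import hashlib
import hmac

def derive_mac_key(passphrase: str, salt: bytes) -> bytes:
    # Stretch the passphrase on the trusted client; the server never sees it.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000)

def tag(key: bytes, name: str, ciphertext: bytes) -> str:
    # Bind the tag to the file name so the server cannot swap two valid blobs.
    encoded = name.encode()
    msg = len(encoded).to_bytes(4, "big") + encoded + ciphertext
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def build_manifest(key: bytes, blobs: dict) -> dict:
    # Run before upload; keep the result on the client, not on the server.
    return {name: tag(key, name, data) for name, data in blobs.items()}

def audit(key: bytes, manifest: dict, returned: dict) -> dict:
    # Compare what the server hands back against the client-side manifest.
    report = {}
    for name, expected in manifest.items():
        if name not in returned:
            report[name] = "missing"
        elif hmac.compare_digest(expected, tag(key, name, returned[name])):
            report[name] = "ok"
        else:
            report[name] = "modified"
    for name in returned.keys() - manifest.keys():
        report[name] = "unexpected"
    return report

def demo() -> dict:
    # Constructed sample: opaque bytes standing in for client-encrypted files.
    key = derive_mac_key("constructed example passphrase", b"constructed-salt")
    uploaded = {"a.enc": b"\x01" * 64, "b.enc": b"\x02" * 64, "c.enc": b"\x03" * 64}
    manifest = build_manifest(key, uploaded)
    # What an untrusted server might return: a.enc intact, b.enc with one
    # changed byte, c.enc thrown away, plus a blob the client never sent.
    returned = {"a.enc": uploaded["a.enc"],
                "b.enc": b"\x00" + uploaded["b.enc"][1:],
                "planted.enc": b"\x04" * 64}
    return audit(key, manifest, returned)

if __name__ == "__main__":
    for name, status in sorted(demo().items()):
        print(f"{name}: {status}")
```

The manifest and the passphrase must live only on a machine you trust; this addresses the storage-server case from post #6, not decryption on a machine where root is hostile.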
 
Old 03-01-2012, 05:26 PM   #7
Doc CPU
Senior Member
 
Registered: Jun 2011
Location: Stuttgart, Germany
Distribution: Mint, Debian, Gentoo, Win 2k/XP
Posts: 1,099

Rep: Reputation: 344
Hi there,

Quote:
Originally Posted by Skaperen
Root has full access to the kernel.

yes, and that's the important difference between the rights management in Linux and Windows. In Windows, the root user (or Administrator, for that matter) is subordinated to the kernel. There's the "Administrator" account that can do almost anything, and there's the "SYSTEM" account that can lock out even the Administrator.
That's why tools like the "PowerPrompt" have their reason to exist - a console that runs with the privileges of "SYSTEM", not only "Administrator".

[X] Doc CPU
 
Old 03-01-2012, 05:40 PM   #8
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Quote:
Originally Posted by karanace
Only way to open that folder is by entering the password even root should not be able to open it.

Short answer: encrypt it. Use a vetted program / cipher, and a strong key.

Longer answer: if root is untrusted, that's probably not enough. Get a FIPS 140-2 Level 3 certified USB drive. Keep your sensitive files on that.

Last edited by anomie; 03-01-2012 at 05:58 PM. Reason: pared lewdness.
 
Old 03-01-2012, 07:23 PM   #9
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,796
Blog Entries: 31

Rep: Reputation: 176
You still have to trust the platform(s) you plug the secure drive into, or else don't key it in. You have to know what you trust, and also know if anything you don't trust might be in the mix.

Have you checked your keyboard cable today?
 
Old 03-01-2012, 11:45 PM   #10
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
If that's the direction we're going, then try this:

http://tinfoilhat.shmoo.com/

(Specifically designed to avert hardware keystroke logging.)
 
Old 03-02-2012, 03:03 AM   #11
BlackRider
Member
 
Registered: Aug 2011
Posts: 295

Rep: Reputation: 101
Quote:
You still have to trust the platform(s) you plug the secure drive into, or else don't key it in.

Correct. Even if your Hardware Encrypted files aren't leaked during decryption, if you process them with an application (LibreOffice, vim, whatever), this application could be leaking information to temporary folders. The usability of this data may vary. Even if you delete the temporary files, Root can perform an undelete action on the affected filesystem and recover some information.

Quote:
Root has full access to the kernel. The kernel has full access to everything. Therefore root has full access to anything.

You don't even need to modify the kernel or change the initramfs (if any). [...]

EDIT: I had described a basic way for Root to intercept a password, but I am not sure if that complied with the rules of this forum. Just think that Root + Bourne Shell abilities = Your password belongs to Him!

Last edited by BlackRider; 03-02-2012 at 03:10 AM.
 
Old 03-02-2012, 09:51 AM   #12
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,796
Blog Entries: 31

Rep: Reputation: 176
Quote:
Originally Posted by BlackRider
EDIT: I had described a basic way for Root to intercept a password, but I am not sure if that complied with the rules of this forum. Just think that Root + Bourne Shell abilities = Your password belongs to Him!

Root == MitM, Evil Maid, etc
 
Old 03-03-2012, 12:22 AM   #13
puneetone
LQ Newbie
 
Registered: Feb 2010
Location: delhi, India
Distribution: ubuntu 8.04
Posts: 3

Rep: Reputation: 0
how to protect your data from root user.... simple

The first option is for you to use PeaZip, which is a cross-platform archiver. You could lock your data safely and leave it anywhere on the network safely.
You can also delete your stuff securely without any chance of recovery using the multi-pass delete option. PeaZip comes in two formats: (a) installable on the desktop (Windows, GNU/Linux..), (b) portable, installed on a pen drive.
Suit yourself.

There is another alternative: use TrueCrypt to safeguard your data. It hides the data and makes it difficult for anyone to guess the existence of data on the PC.
 
  


All times are GMT -5.