Password Protection

[Lanx]

I use Ubuntu 7.10, and I find the password protecting for documents to be really neat. It's very simple to lock up a text document, but I was wondering if there was a way to lock folders as well. I couldn't find anything about it under "properties"

[anomie]

Is encryption a requirement? How about using standard filesystem permissions to control access?

[Lanx]

Is encryption a requirement?

I just want to be the only want that can access the folder, if I can do that without an encryption, that by all means.

How about using standard filesystem permissions to control access?

how?

[anomie]

I suppose it will depend on a) how savvy other users on the box are; b) whether those users are sudoers.

$ sudo chown your_user:your_group /directory/here
$ sudo chmod 700 /directory/here

should do the trick.

But this is useless if other users are able to run sudo. Explain some more about your situation: are you hiding a directory from a 12 year old novice, or are you hiding a directory from IT pros?

If the former, simple filesystem permissions changes should be more than adequate. If the latter, you can make access more difficult by using an encrypted partition or, if the directory is small enough in size, tarring it and gpg encrypting the tarball.

[Lanx]

I'm sorry if I'm being dense here but what is "your_group" and "here"

I don't think I'll need any further security that what sudo can offer...they would be about as computer savvy as the 12 year old...not unlike myself *chuckles*

[anomie]

Well, group is not a big deal here because you're going to be removing group-level (and world-level) permissions anyway. But to see what group you're in, use the command:

$ id

You'll see a UID entry (followed by your username in parens) and a GID entry (followed by your primary group in parens).

Example output:

Code:

$ id
uid=1001(bevo) gid=1001(horns) groups=1001(horns),0(wheel)

With this information, and assuming the fully qualified path to your "secret" directory is /home/bevo/secret, you could substitute values from my original commands as follows:

$ sudo chown bevo:horns /home/bevo/secret
$ sudo chmod 700 /home/bevo/secret

(If other users share the 'bevo' account with you, this won't be of much use. .)

Keep in mind that this is trivial to bypass by anyone who a) has Unix knowledge; b) is a sudoer on your box. If you can eliminate other sudoers on the box then you're in good shape for the purposes you described.

Finally, I recommend heading down to the local library or book store and picking up a book on Linux for beginners. You made it this far, so might as well take it to the next level.

[Lanx]

Hmm...nothing happens. After I put in those two lines and press enter, a new line for entering text pops up, and nothing is different with the file...but I'm starting to think that even if I did enable it, it wouldn't do what I want it to. Basically what I want is if I'm away or something and someone gets curious they can't just pick up my laptop and open up whatever files they want. I think if I went to permissions and set it to "List Files Only" That might be enough security for me, but I don't want to have to switch it to that every time I put my computer out of sight.

Finally, I recommend heading down to the local library or book store and picking up a book on Linux for beginners. You made it this far, so might as well take it to the next level.

I will definitely look into that.