Find the answer to your Linux question:
Results 1 to 8 of 8
Hi, Is it possible to set the permissions (or use some utility) which : 1)Only allows files to only be accessed by a given user 2)which cannot be "overrided" by ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Aug 2011
    Posts
    2

    File permissions to restrict access (like Windows XP encryption)


    Hi,

    Is it possible to set the permissions (or use some utility) which :

    1)Only allows files to only be accessed by a given user
    2)which cannot be "overrided" by root
    3)which does not require a password in order to access the files

    Something like Windows XP encryption.

    Thanks

  2. #2
    Linux Engineer hazel's Avatar
    Join Date
    May 2004
    Location
    Harrow, UK
    Posts
    1,258
    Quote Originally Posted by artella View Post
    Hi,

    Is it possible to set the permissions (or use some utility) which :

    1)Only allows files to only be accessed by a given user
    2)which cannot be "overrided" by root
    3)which does not require a password in order to access the files

    Something like Windows XP encryption.

    Thanks
    You could try the acl facility. man acl will give you a synopsis.
    "I'm just a little old lady; don't try to dazzle me with jargon!"
    www.hrussman.entadsl.com

  3. #3
    Just Joined!
    Join Date
    Aug 2011
    Posts
    2
    Hi, thanks. So if you then moved the file to another computer would it still be viewable? I was looking for something like Windows XP certificates, which would not allow the file to be viewed on another computer without the relevant certificate.

  4. $spacer_open
    $spacer_close
  5. #4
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    Then encrypt the file with gpg. It is likely already installed on your system ("which gpg").

    With GPG, you can encrypt your file symmetrically (using a password to protect it), or asymmetrically (using public/private key pairs).

    The former way, just do:
    Code:
     gpg -o myfile.gpg -c myfile.txt
    You will be prompted to enter a passphrase to protect the file. The new file "myfile.gpg" is created.

    To decrypt it:
    Code:
    gpg -o myfile.txt -d myfile.gpg
    You will be prompted to enter the passphrase to decrypt the file.

    To use asymmetrical encryption, you'll need to generate keys first, then share your public key with some trusted peer (who will import this into their keyring). Then you can encrypt and sign your file and only someone with your public key can decrypt it.

  6. #5
    Linux Newbie
    Join Date
    Jun 2004
    Location
    Halesowen, West Midlands, UK
    Posts
    107
    Quote Originally Posted by hazel View Post
    You could try the acl facility. man acl will give you a synopsis.
    Also have a look at "man setfacl" and "man getfacl".

  7. #6
    Linux Enthusiast Mudgen's Avatar
    Join Date
    Feb 2007
    Location
    Virginia
    Posts
    664
    Quote Originally Posted by Siddly View Post
    Also have a look at "man setfacl" and "man getfacl".
    Which will tell you that root as well as owner can change ACLs. Atreyu's encryption suggestion is probably the only way to hide from root. You can also do an encrypted filesystem mountable in user space, with the user being the only one with the key.

  8. #7
    Just Joined!
    Join Date
    Feb 2007
    Posts
    22

    eCryptfs might be worth a look

    I hear that eCryptfs can encrypt files as they are written and decrypt them as they are read, using your logon password to store your encryption password. I haven't used it, but it sounds useful

  9. #8
    Just Joined!
    Join Date
    Jul 2006
    Location
    localhost
    Posts
    31
    I don't think there are any permissions which can actually replace encryption.

    Have a look at encrypted home folders, I think most major distros have a way of doing it (the solution posted by anotherzeb sounds interesting as well).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •