Linux

65422 readers

410 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 7 years ago

MODERATORS

nooter692@lemmy.ml

AgreeableLandscape@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

App Lock under Linux? (lemmy.ml)

submitted 1 day ago by eugenia@lemmy.ml to c/linux@lemmy.ml

18 comments fedilink hide all child comments

Friend asks: I would like to make an app to ask for authentication before launching. I can do that on MacOS via creating an encrypted disc image and put the app in there, and windows has robust third party tools for it. But how would you go about it on Linux, especially since it's a .deb (that gets auto-updated all the time via its repo) and not an appimage/flatpak? Others need access to the user account, but I want to restrict that one app. Creating a different user account for it is out of the question btw, since you can still change the password for that user via the primary admin account. Also, I don't want to be running full VMs that take forever to boot to use that one app. Is there any simple way to lock an app under Linux?

you are viewing a single comment's thread
view the rest of the comments

[–] chgxvjh@hexbear.net 4 points 1 day ago (1 children)

Creating a different user account for it is out of the question btw, since you can still change the password for that user via the primary admin account.

It's Linux, on the local machine the root account is always going to be able to do things.

[–] eugenia@lemmy.ml 2 points 1 day ago (1 children)

Not if you have an encypted folder etc, with a different password than the user account. That way, is safe even from the root account. The problem here is that the app is a .deb, it doesn't come as an appimage, and it needs constant updating too. So it's the main system executable file that I want to make user-authenticating, with a different password than that of the user account.

[–] mlfh@lm.mlfh.org 1 points 1 day ago (1 children)

Nothing at all is safe from the root account, or from any user that can elevate to root. Think of the root account as the system itself - the thing you're trying to protect may be encrypted and safe at rest if you've brought it in from elsewhere, but as soon as you enter a password and decrypt it, you're handing that password and decrypted data over to a system fully controlled by that root account.

[–] eugenia@lemmy.ml 1 points 23 hours ago* (last edited 23 hours ago) (1 children)

Yes, there is. If a folder or file is encrypted (with a different password), it is safe from root too. That's what I'm after. Root can't change the password of an encrypted volume.

[–] mlfh@lm.mlfh.org 1 points 16 hours ago* (last edited 16 hours ago)

But root can scrape that password as soon as you enter it, and has access to that encrypted data as soon as you decrypt it. That's what I'm saying.

If you think anything on a *nix system is "safe" from root or a user that can elevate to root, you're deluding yourself with wishful thinking.