37
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 22 Jun 2024
37 points (93.0% liked)
Linux
45393 readers
1316 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
"undoing the protection should include filling in a password" That sounds like an encrypted drive. There are USB keys that'll require software to enter an encryption password before you can do anything (including deleting the contents).
If you're on Windows, try Bitlocker or Veracrypt. You can create hard disk images that can be mounted temporarily with a password.
Same can also be done on other operating systems, though I don't know what tools yours come with.
In a pinch, you can just create a password protected 7zip archive, though viewing and editing those files usually involves a temporary copy.
There's no way to prevent a file that's loaded in memory from making it back to the disk. The best you can do is also encrypt the system drive so only people who know the encryption password can boot the computer that's accessing these files.
It seems I wasn't clear as most people misunderstood me.
But, to give a very precise example; say
~/some/folder.chattr,chmodorchownor similar utilities that remove access as long as one doesn't have elevated privileges.Then, what prevents whosoever, to copy that file through cloning the complete disk?
Even if they're not able to get past the password, it will be found on the cloned disk. SO, basically, I ask for some method that prevents the file to even be copied through a disk clone. I don't care that it has three passwords protecting it. What I want is for the disk clone (or whatever sophisticated copy/mv/cut or whatsoever utility exists) to somehow fail while trying to attempt the action on the protected files.
Oh that's quite simple! Just don't have the files on the first disk in the first place. Make them a remote mount from a server, for example via sshfs, webdav, etc. Heck, even ftp if it comes down to it. That way, even though you can clone the disks, you can not get to the files if you don't also have the full authentication requirements for the remote server (such as a password).
At a conceptual level, you can't do anything via
rootto prevent someone who clones the disk from... well, cloning the disk. Having physical access to a disk is a much higher level of access than even root, so if what you are looking for is for your content to not be cloned, you need to fortify physical access to the device.Understood. Thank you!