3

How to make an application like Gnote or Tomboy ask for a password when launching them from my user account.

Jorge Castro
  • 71,754
seeker
  • 430
  • 2
    Linux is meant to be used by a single user per account. If you just don't let anyone use your account, nobody should be able to read your notes. Or make a TrueCrypt image where you put your files into. – Martin Ueding Jun 17 '12 at 19:09
  • @queueoverflow my intention was find whether it is doable, if it is I am more than happy to use it. – seeker Jun 18 '12 at 03:54
  • 1
    Nope, it is not that easy. It is just easy to set up a password for a whole account and for all the files for that account. – Martin Ueding Jun 18 '12 at 09:09
  • 1
    @queueoverflow Can you add an answer? A negative answer is a valid answer if you believe its not possible. Thanks. – fossfreedom Jun 18 '12 at 11:57
  • Did my answer help you? Did you find a solution? – Martin Ueding Jun 24 '12 at 15:59

3 Answers3

3

There is no way to protect an application with a password like that.

The easy solution is to use Linux like it is meant to be: Let nobody use your user account. Your account password is the password to all your data.

If you still want to let everyone use your account, you could create a second account, let's call it notes and use that instead. Then you can call:

su notes
tomboy

This will then prompt for the notes's users password.

Or you use a tool like TrueCrypt, create an encrypted container and move your notes into there.

Martin Ueding
  • 8,348
1

enter image description here

Use this script to ask password in dialog box then start the app. If password is correct, then it decrypt the full path of your app to run it.

Before use the script, try to hide your app on your computer, then use this command to encrypt the full path of your app. It ask for your password then encrypt and code in base64, the full path: echo -n "/Path/To/Your/Application" | openssl enc -aes256 -a -pbkdf2

The script require yad to show the dialog box: sudo apt install yad

#!/bin/bash
#
# Require yad:
# $ sudo apt install yad
#
# Before use it, use these command to get the full path of your application, encrypted and coded in base64, with your password:
# $ echo -n "/Path/To/Your/Application" | openssl enc -aes256 -a -pbkdf2

function main
{
password=$(yad --text-align=center --text="Password" --entry --entry-text="" --hide-text --fixed --title="" --button=OK)


data="xxx" # replace xxx by the full path of your app encrypted and coded in base64 with the upper command


MyApp=$(echo "$data" | openssl enc -aes256 -d -a -pbkdf2 -pass pass:"$password")
$password=""


test if file exist


if [ -a $MyApp ]
then
    $MyApp # run your application
    exit 0
else
    notify-send "Incorrect" "$x/3"
fi
}


limit try


x=1
while [ $x -le 3 ]
do
  main
  x=$(( $x + 1 ))
done


exit 0
NicolasSmith
  • 1,031
1

You can launch the application with gksudo to start it in super-user mode, e.g. to start Tomboy issue the command gksudo tomboy. You'll be presented with a graphical password prompt and after you enter correct password the application will be started in super-user(root) mode.

However, if you want to change this behaviour in the Application Menu then you have to change the Exec= line of the .desktop file corresponding to the application by adding gksudo after Exec= .i.e. Exec=gksudo tomboy. You can also do it using alacarte or Menu Editor, just find the right application menu-item, go to Properties and edit its Command field and add a gksudo before whatever is there.

Samik
  • 2,660
  • Uhm, that is pretty useless, unless the data file is also owned by root. – Martin Ueding Jun 17 '12 at 19:09
  • @queueoverflow If the application is started in super-user mode, then the data files generated by it should inherit the same permission, isn't it? – Samik Jun 17 '12 at 19:12
  • @Samik This does not work if you don't have sudo access on the system. I want to set a password different from my sudo password. – seeker Jun 18 '12 at 03:57
  • What you can do is to create another user, so that you have your account and the notes account. Then you can start it with su notes-user tomboy and have the files in /home/notes-user/. It should work, but it would be way easier to just not let anyone use your account in the first place. – Martin Ueding Jun 18 '12 at 09:10