0

Okay so my brother love to poke his nose in to my business whenever he can I want to make my folders safe from him and I don't want to encrypt the folders or turn it into a compress file is there another way that is password protected, maybe like a 3rd party software or something?

DoasLM
  • 11
  • Not really possible without encryption, if he has local access, and knows how to get to the files. – mikewhatever Feb 27 '16 at 14:30
  • @mikewhatever how come? OP didn't mention that both users have root/sudo, so simply setting proper file/directory permissions would suffice – JustMe Feb 27 '16 at 14:37
  • He will just get on my computer and open some files. I want a way to prevent it if possible. – DoasLM Feb 27 '16 at 14:42
  • Have you thought about using a password for your account? – Charles Green Feb 27 '16 at 14:43
  • I have one, I want to set my files up so when I leave he has to type a password to open a new file. Is there a way to do that with out compressing and password protected? – DoasLM Feb 27 '16 at 14:46
  • @JustMe One way of getting to any non-encrypted files is to boot from a Live DVD/USB. You can mount any partition and changes permissions to suite your needs. Another way is to pull out the HDD and put it in another computer, .... As said, it requires some skills, but isn't difficult. – mikewhatever Feb 27 '16 at 14:56
  • @mikewhatever right - forgot about that. In case anyone else stumbled upon this question - in case user selected encrypted home during installation, then he/she is fairly safe even from malicious person using live boot cd to access files to which s/he is unprivileged. – JustMe Feb 27 '16 at 14:58

2 Answers2

0

If other user doesn't have elevated privileges - such as access to root account or sudo, then You can set file permissions:

chmod o-r path_to_file_or_directory # (with -R to do it recursively)

If other user has possibility of logging into Your account then this won't work.

JustMe
  • 203
  • How Do I get to file permissions? – DoasLM Feb 27 '16 at 14:49
  • To display file permissions You can use ls -l /path/to/file. To set them use chmod command. You can read more about them (what are their types and how do they work) here or here. Those things are entered in terminal, of course. – JustMe Feb 27 '16 at 14:53
  • Using command is the same as Terminal right? – DoasLM Feb 27 '16 at 14:54
  • Well, not going into details - more or less, You input your commands into terminal. Think of commands as of applications without graphical user interface. – JustMe Feb 27 '16 at 14:56
0

You are overthinking this. My understanding of this question is this:

"How can I take reasonable steps to protect my files from prying eyes that are not necessarily experience hackers. i.e., how do I keep my private stuff private form casual inspection."

You don't say if you auto-login to the system, or if you share an account with everyone, including your family. So, some of these suggestions may apply, and some may not. It is up to you to sort this out.

  • First of all, make sure you do not share an account on the system. Create your own account, and protect it with a modestly strong password.
  • If you have a system that support root logins (not all do) then either disable that account or protect it with a different strong password. On systems with root logins I often generate a strong passphrase and then forget about it, once I set up sudo (but this is outside the scope of this answer.)
  • Make sure the system has an auto-lock feature or screensaver options enabled if you run a GUI. If you only work at the text-mode console command line, find a locker for that (they exist) or logout when you are done.

If your family has accounts on this system, you have more to do. If they do not, you are pretty much finished. This is the bare minimum needed to keep casual lookers from poking into your business. (It will not keep real hackers away, but this is beyond the scope of this answer.)

If your family do have accounts on this system, you need to consider how they can use that account to look at your stuff.

  • If they have sudo access, and that access allows them to look at your files, nothing can stop them other than encryption. Either remove them from the sudoers list (beyond the scope of this answer...) or change their sudo rights so they don't have the ability to look at your files.

  • If they do not have sudo rights, they can still read many of your files in your account, and might even be able to write to some of the files and directories. An easy solution is to create a folder on your desktop or in your home directory called "My Stuff" and protect this with file perms or ACLs such that "others" and "groups" do not have any access to it.

For example, you could mimic what SSH does, and set the permissions on "My Stuff" to read, write and execute (execute means "search" when applied to a directory) for you only. If you ran ls -ld My\ Stuff you would see something like:

drwx------ 2 jdv jdv 4096 Feb 25 14:47 My Stuff/

How to do this is a command like:

chmod u+xwr,g-xwr,o-xwr My\ Stuff/

Once this is done, anything you put in this directory is reasonably safe from casual prying eyes.

There are more ways to do things like this (remember, the unofficial motto of Unix-style systems is "there's more than one way to do it"), but this is the most basic.