I want to hide some information in a specific folder. This information is generated by one program, and apart from this program nobody can access it. Actually, even if the user is root, he also should not access it.

Access permission is not enough for me. Root also should not delete this folder. Is there any structure for it?

I also do not want to modify kernel modules for this operation. I hope there is a straightforward path for this job.

  • And what prevents the user from simply switching to your user? – muru May 12 '17 at 08:15
  • @muru Basically, access permission is one of the cases. The other one is that the folder cannot be deleted. On the other hand, I should state that there is no internet connection in the system, so I cannot hide my data any place apart from local storage. – utku.unal May 12 '17 at 08:19
  • "Can I create folder which root cannot access?" No. And root can always revert your changes and can also always format a disk. The ONLY way is to put it on removable storage (i.e. USB stick, DVD/CD) that you remove from the system when not needed. "I also want to do not modify Kernel modules for this operation." Even that won't work: root can revert those changes. Oh, and if you can do that, revoke root permissions from the user you do not trust. – Rinzwind May 12 '17 at 08:33

1 Answer

Seeing the content is one thing, and not having permission to delete it is another.

You can play a little, e.g. with FolderEncryption or VeraCrypt, to prevent root from seeing the content, but then you need to store a password/certificate somewhere.

The same goes for preventing root from deleting the folder. He must have the permission to do it, otherwise he will not be root.

And that's it - it would be against the purpose of root to prevent him from having access to anything on that system. Then he would not be root.

Martin
  • Yes, you are right. This job can be seen as contradictory to the open source philosophy because root has all power over the system, but there should be one way to do it. Otherwise, there is no security definition in open source embedded systems. :) Thanks for your answer. – utku.unal May 12 '17 at 10:55