Password Protection for a Folder

yustr · 10-16-2006, 11:50 AM

Awhile back I asked about encrypting a drive. I decided against that but I would still like to protect certain folders.

Is there a way to assign a password to a folder?

I'm using Ubuntu 6.06 the drive is formatted ext3.

shuuhen · 10-16-2006, 08:12 PM

I'd probably go with permissions. You can create a specific group and instead of giving people a password, you can just add them to a group. This makes it simple to deny them access by just removing them from the group.

As either the directory's owner or root, you can type 'chmod xyz file' where xyz is an octal number.

x - the owner's permissions
y - the group's permissions
z - everyone else's permissions

You can then think of each of the three integers similar to a binary representation of each of the three sets of permissions. For example:
rwx = 111 = 7
rw- = 110 = 6
-w- = 010 = 2

If you really want, you should also be able to type 'chmod rwxrwxrwx file', 'chmod rwxr-xr-- file' to type in the permissions the long way.

You can use 'chown owner:group file' to change owner and group.

yustr · 10-17-2006, 09:12 AM

Thanks shuuhen,

If I do that the files are still visable on the drive - right? So even if a user can't open the file he can still see it. Said another way: Does permissions keep someone w/o the necessary permission from seeing the file structure?

What I'd like to do is have a folder that only I can see. I thought about daughter folder within a protected parent folder - My Docs>My Really Important Docs. Another user could see the My Docs folder but couldn't open it to see the My Really Important Docs sub-folders.

thanks, yustr

Skie · 10-17-2006, 10:00 AM

If you do it shuuhen's way, then you need to set the permissions to 660 for files and 770 for directories/folders, so that only the owner/group can have access to the files. All others will not even be able to get a file listing.

Another option would be to create an encrypted file that can be mounted just like any other drive. This is a bit more involved and there are a few options to use.

The danger with either option is if you login and walk away, someone can sit down at your computer and start browsing these files. Setting the screensaver to lock once it turns on is a good way around this. And in KDE (I don't know about Gnome), you can set one or more corners of the screen as a trigger point for the screensaver (i.e. you move the mouse to the very top left corner and leave it there for a few seconds and the screensaver will start).

yustr · 10-31-2006, 05:28 PM

I've tried the permissions route and that's not doing what I want.

So it looks like encryption is the way to go. Shie, you mention options...Is there a program I should investigate or a guide that will walk me through it?

I have a number of folders with a number of subfolders - all on one drive. Ideas?

Thanks

**Squashman** · 11-02-2006, 11:13 AM

TrueCrypt.
Works on Linux and Windows.
TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows XP/2000 and Linux

But permissions should work. Not sure what is not working for you.

You could also look into use ACL's.
Introduction to Linux Capabilities and ACL's
Linux ACL - Google Search

yustr · 11-02-2006, 06:44 PM

Quote:

Originally Posted by Squashman

TrueCrypt.
Works on Linux and Windows.
TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows XP/2000 and Linux

This looks like what I'm after. Do I need to make a new drive partition and encrypt and move all of my data there? Or can I encrypt the data as it is today?

But permissions should work. Not sure what is not working for you.

I want something more secure.

You could also look into use ACL's.
Introduction to Linux Capabilities and ACL's
Linux ACL - Google Search

**Cellus** · 11-03-2006, 02:22 PM

Just for clarification...

If you remove the Read permission from the directory, it can not list files (such as using ls). If you remove the eXecute permission from the directory, you can not navigate into it.

The files are still, however, stored in plaintext.

10-16-2006, 11:50 AM	#1 (permalink)
yustr Asst. Manager, The Conversation Pit Join Date: Sep 2004 Location: Connecticut shore Posts: 6,050 OS: XP Pro My System	Password Protection for a Folder Awhile back I asked about encrypting a drive. I decided against that but I would still like to protect certain folders. Is there a way to assign a password to a folder? I'm using Ubuntu 6.06 the drive is formatted ext3. __________________ If there are lawyers or politicians involved, logic may be a very poor tool for reaching a conclusion.

10-17-2006, 09:12 AM	#3 (permalink)
yustr Asst. Manager, The Conversation Pit Join Date: Sep 2004 Location: Connecticut shore Posts: 6,050 OS: XP Pro My System	Thanks shuuhen, If I do that the files are still visable on the drive - right? So even if a user can't open the file he can still see it. Said another way: Does permissions keep someone w/o the necessary permission from seeing the file structure? What I'd like to do is have a folder that only I can see. I thought about daughter folder within a protected parent folder - My Docs>My Really Important Docs. Another user could see the My Docs folder but couldn't open it to see the My Really Important Docs sub-folders. thanks, yustr __________________ If there are lawyers or politicians involved, logic may be a very poor tool for reaching a conclusion.

10-17-2006, 10:00 AM	#4 (permalink)
Skie Manager, Alternative Comp Join Date: Mar 2003 Location: Chicago burbs Posts: 2,194 OS: Gentoo Linux, CentOS, OS X My System	If you do it shuuhen's way, then you need to set the permissions to 660 for files and 770 for directories/folders, so that only the owner/group can have access to the files. All others will not even be able to get a file listing. Another option would be to create an encrypted file that can be mounted just like any other drive. This is a bit more involved and there are a few options to use. The danger with either option is if you login and walk away, someone can sit down at your computer and start browsing these files. Setting the screensaver to lock once it turns on is a good way around this. And in KDE (I don't know about Gnome), you can set one or more corners of the screen as a trigger point for the screensaver (i.e. you move the mouse to the very top left corner and leave it there for a few seconds and the screensaver will start). __________________ Last edited by Skie; 10-17-2006 at 10:02 AM.

10-31-2006, 05:28 PM	#5 (permalink)
yustr Asst. Manager, The Conversation Pit Join Date: Sep 2004 Location: Connecticut shore Posts: 6,050 OS: XP Pro My System	I've tried the permissions route and that's not doing what I want. So it looks like encryption is the way to go. Shie, you mention options...Is there a program I should investigate or a guide that will walk me through it? I have a number of folders with a number of subfolders - all on one drive. Ideas? Thanks __________________ If there are lawyers or politicians involved, logic may be a very poor tool for reaching a conclusion.

11-03-2006, 02:22 PM	#8 (permalink)
Cellus Moderator Networking Team Join Date: Aug 2006 Location: Canada Posts: 2,664 OS: Windows Vista Business SP1, Windows XP Professional SP3 My System	Just for clarification... If you remove the Read permission from the directory, it can not list files (such as using ls). If you remove the eXecute permission from the directory, you can not navigate into it. The files are still, however, stored in plaintext. __________________ TSF Networking Team Virus/Trojan/Spyware Removal Help Donate!

10-16-2006, 08:12 PM	#2 (permalink)
shuuhen Manager Join Date: Sep 2004 Location: Colorado Posts: 987 OS: Mac OS 9.1, Mac OS X 10.5.8, WinXP Pro, FreeBSD 6.0, Gentoo Linux My System	I'd probably go with permissions. You can create a specific group and instead of giving people a password, you can just add them to a group. This makes it simple to deny them access by just removing them from the group. As either the directory's owner or root, you can type 'chmod xyz file' where xyz is an octal number. x - the owner's permissions y - the group's permissions z - everyone else's permissions You can then think of each of the three integers similar to a binary representation of each of the three sets of permissions. For example: rwx = 111 = 7 rw- = 110 = 6 -w- = 010 = 2 If you really want, you should also be able to type 'chmod rwxrwxrwx file', 'chmod rwxr-xr-- file' to type in the permissions the long way. You can use 'chown owner:group file' to change owner and group.

11-02-2006, 11:13 AM	#6 (permalink)
Squashman Tech, Networking Forums Join Date: Apr 2005 Location: 1265 Lombardi Ave. Posts: 1,142 OS: All of the above	TrueCrypt. Works on Linux and Windows. TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows XP/2000 and Linux But permissions should work. Not sure what is not working for you. You could also look into use ACL's. Introduction to Linux Capabilities and ACL's Linux ACL - Google Search