Hide folder in linux

scottalanmiller

Hiding is a weird concept. Windows calls something hiding, but you just "show hidden" and it is still there. In Linux, things are hidden when their name starts with a dot. So rename to a hidden name, that should do it.

But, as always, why do you want to do this? I've never wanted a hidden directory in all my years on UNIX.

Lakshmana

@scottalanmiller to hide personal folders hidden from other people

scottalanmiller

@Lakshmana said in Hide folder in linux:

@scottalanmiller to hide personal folders hidden from other people

That makes no sense at all. Why would you want to hide them instead of stopping people from accessing them? Hidden has zero security benefits, literally zero. That's why I'm asking, I know of no possible purpose to hiding a folder.

Dashrender

@scottalanmiller it's usually a misunderstanding - they think they are getting security out of it - kinda the out of sight out of mind idea.

Sadly the really bad guys don't fall for this - you need real security.

scottalanmiller

@Dashrender said in Hide folder in linux:

@scottalanmiller it's usually a misunderstanding - they think they are getting security out of it - kinda the out of sight out of mind idea.

Sadly the really bad guys don't fall for this - you need real security.

Hidden folder would ne fiind by accident. People would just find them.

Francesco Provino

@Lakshmana said in Hide folder in linux:

@scottalanmiller to hide personal folders hidden from other people
What? Just chmod go-r it…

scottalanmiller

@Francesco-Provino said in Hide folder in linux:

@Lakshmana said in Hide folder in linux:

@scottalanmiller to hide personal folders hidden from other people
What? Just chmod go-r it…

Hiding folders: people have to "look" for your data, but it is all there.
Security ACLs: People see your folders but can't see or access what is in them.

thwr

Either use ACLs/Permissions or encrypt your data. You could use an encrypted loopback device (~"image file") for example, but this requires some background knowledge about the underlying technology.

stacksofplates

Just to reiterate. Hidden files/directories begin with a period (~/.bashrc). They are "hidden" from normal view so if you type ls or ls -l they won't appear. But if you type ls -la then they are no longer hidden. It's not a security mechanism, it's just to keep things tidy. If you really want to secure something you'll need to change the mode:

chmod 0600 lakshmana:lakshmana file

Or set an ACL

setfacl -m o::- file

If it's a directory and you want default ACLs you will have to set the default and then apply the ACL.

setfacl -dm o::- dir/
setfacl -m o::- dir/

stacksofplates

@thwr said in Hide folder in linux:

Either use ACLs/Permissions or encrypt your data. You could use an encrypted loopback device (~"image file") for example, but this requires some background knowledge about the underlying technology.

Gnome has Seahorse built in so you can also use PGP (GPG) keys but I haven't been able to get the Nautilus integration to play nicely. So you can create a PGP key in Seahorse (it will take a little while to have enough entropy and then it will show up) and then encrypt a file with:

gpg --output <file.gpg> --encrypt --recipient [email protected] <original-file>

Then decrypt with

gpg --output <file-to-save-as> --decrypt <file.gpg>

scottalanmiller

@thwr said in Hide folder in linux:

Either use ACLs/Permissions or encrypt your data. You could use an encrypted loopback device (~"image file") for example, but this requires some background knowledge about the underlying technology.

ACLs are to prevent other users accessing files. Encryption is to stop thieves who steal the drives from accessing them.

thwr

@scottalanmiller said in Hide folder in linux:

@thwr said in Hide folder in linux:

Either use ACLs/Permissions or encrypt your data. You could use an encrypted loopback device (~"image file") for example, but this requires some background knowledge about the underlying technology.

ACLs are to prevent other users accessing files. Encryption is to stop thieves who steal the drives from accessing them.

Sure. I suggested encryption because it - depending on the type of encryption (loopback/partiton vs encrypted files) - brings also some obfuscation, for example in backups which are outside of what OP may control.

thwr

@stacksofplates said in Hide folder in linux:

@thwr said in Hide folder in linux:

Either use ACLs/Permissions or encrypt your data. You could use an encrypted loopback device (~"image file") for example, but this requires some background knowledge about the underlying technology.

Gnome has Seahorse built in so you can also use PGP (GPG) keys but I haven't been able to get the Nautilus integration to play nicely. So you can create a PGP key in Seahorse (it will take a little while to have enough entropy and then it will show up) and then encrypt a file with:

gpg --output <file.gpg> --encrypt --recipient [email protected] <original-file>

Then decrypt with

gpg --output <file-to-save-as> --decrypt <file.gpg>

I'm not much into *NIX desktop environments. Good to know.

stacksofplates

@thwr said in Hide folder in linux:

@stacksofplates said in Hide folder in linux:

@thwr said in Hide folder in linux:

Either use ACLs/Permissions or encrypt your data. You could use an encrypted loopback device (~"image file") for example, but this requires some background knowledge about the underlying technology.

Gnome has Seahorse built in so you can also use PGP (GPG) keys but I haven't been able to get the Nautilus integration to play nicely. So you can create a PGP key in Seahorse (it will take a little while to have enough entropy and then it will show up) and then encrypt a file with:

gpg --output <file.gpg> --encrypt --recipient [email protected] <original-file>

Then decrypt with

gpg --output <file-to-save-as> --decrypt <file.gpg>

I'm not much into *NIX desktop environments. Good to know.

Ya you're supposed to be able to right click and hit unencrypt or something like that and have it prompt for the password. I haven't been able to get that functionality to work but Seahorse holds PHP keys, SSH keys, passwords, etc. It's not bad.

stacksofplates

@scottalanmiller said in Hide folder in linux:

@thwr said in Hide folder in linux:

Either use ACLs/Permissions or encrypt your data. You could use an encrypted loopback device (~"image file") for example, but this requires some background knowledge about the underlying technology.

ACLs are to prevent other users accessing files. Encryption is to stop thieves who steal the drives from accessing them.

Sure but encryption can act as a type of ACL.

scottalanmiller

@stacksofplates said in Hide folder in linux:

@scottalanmiller said in Hide folder in linux:

@thwr said in Hide folder in linux:

Either use ACLs/Permissions or encrypt your data. You could use an encrypted loopback device (~"image file") for example, but this requires some background knowledge about the underlying technology.

ACLs are to prevent other users accessing files. Encryption is to stop thieves who steal the drives from accessing them.

Sure but encryption can act as a type of ACL.

Kind of, a shared password kind of ACL.

stacksofplates

@scottalanmiller said in Hide folder in linux:

@stacksofplates said in Hide folder in linux:

@scottalanmiller said in Hide folder in linux:

@thwr said in Hide folder in linux:

Either use ACLs/Permissions or encrypt your data. You could use an encrypted loopback device (~"image file") for example, but this requires some background knowledge about the underlying technology.

ACLs are to prevent other users accessing files. Encryption is to stop thieves who steal the drives from accessing them.

Sure but encryption can act as a type of ACL.

Kind of, a shared password kind of ACL.

Sure. Same as group based ACLs. But it's only shared if someone else has your password.

scottalanmiller

@stacksofplates said in Hide folder in linux:

@scottalanmiller said in Hide folder in linux:

@stacksofplates said in Hide folder in linux:

@scottalanmiller said in Hide folder in linux:

@thwr said in Hide folder in linux:

Either use ACLs/Permissions or encrypt your data. You could use an encrypted loopback device (~"image file") for example, but this requires some background knowledge about the underlying technology.

ACLs are to prevent other users accessing files. Encryption is to stop thieves who steal the drives from accessing them.

Sure but encryption can act as a type of ACL.

Kind of, a shared password kind of ACL.

Sure. Same as group based ACLs. But it's only shared if someone else has your password.

Not really a list unless you do