Is $HOME outside of /home transparent for the user apps?

kozaki · 2012-01-22 21:19:02

Do you know of possible drawback for a daily use when creating a user $HOME in a more exotical directory than /home?
e.g. applications that might complain, or is the $HOME actual location (created with 'useradd --base-dir') all that's count?

Note: All apps are launched from the console (browser, office and text utilities, sync software and the Tor Vidalia bundle) so no desktop for _that_ user.
Thanks.

Edited to clarify it's the actual location of $HOME.

Last edited by kozaki (2012-01-22 22:11:48)

/dev/zero · 2012-01-22 21:21:37

Are you talking about the actual location of a user's home directory, or are you talking about setting the environment variable $HOME to something outside the user's home directory?

kozaki · 2012-01-22 21:29:17

Hi /dev/zero, the actual location of a user's home directory.
Am looking for a practical way to hide a user $HOME at first glance.
As part of a first level protection for a friend who'll travel to a place where it's more secure to be seen as casual Ms Smith than Joe Anonymous (-_-)

/dev/zero · 2012-01-22 21:56:12

So, I haven't tried this with full desktop environments, but when I was teaching myself how to use GnuPG, I set up some testing users. I put the homes for alice, bob and eve respectively in /home/testing/{alice,bob,eve}. As you're no doubt aware, this can be done easily by adding the appropriate flag to "useradd".

This not only worked well, but when I later had reason to try out some graphical applications as one of the users, that also worked just fine.

kozaki · 2012-01-24 14:33:32

Thank you /dev/zero

However, the main goal being to hide this user at least from non geek glance, I see a flaw right at the next (second) step.

1. Make the user's HOME outside of /home: OK

2. Encrypt that user's HOME to hide its content further in case of a quick system check/search (i.e. content non searchable)
- Using LUKs data encryption on a partition will let that partition way too visible
- Using ecryptfs will... create a /home/.ecrypt/user directory (o_o)
That means that a simple "ls -a /home" will defaults the whole purpose.
From anrxc's article eCryptfs and $HOME:

Adrian C. wrote:

After your new $HOME (..) prepare the rest of the eCryptfs directory structure:
$ su - 
# mkdir -p /home/.ecryptfs/user/.Private 
# chmod 755 /home/.ecryptfs 
# chmod -R 700 /home/.ecryptfs/user 
Directory /home/.ecryptfs is owned by root and it is a central place for everything related to eCryptfs and user accounts. Everything under /home/.ecryptfs/user is owned by you and the actual encrypted data will be stored in /home/.ecryptfs/user/.Private.

Looks like I dunno enough to make him a /home clear from references to that user (o_o#)

Maybe it'd be good if I go with a new post like "Tips for hiding a user on Arch Linux" or "Tips for creating a ghost user on Arch"?

/dev/zero · 2012-01-24 19:50:05

Okay, so what I thought (and still think) you mean is that you have two accounts, one for alice in /home/alice, and one for bob, somewhere else outside of /home, say /var/local/do-not-look-here/bob.

My point was that if you add the appropriate flag to useradd to create the home for bob in a non-standard location, that should work.

I don't see anything in your ecryptfs tutorial that would necessitate hiding anything inside /home per se. It all looks like it should work if you put everything you want to hide in some other directory.

However, it's unsafe to rely on security through obscurity. For example, if you have a user registered on the system, they will show up in /etc/passwd, and this will immediately give away the $HOME location for bob, no matter how obscure that location is. It only takes one idiot to be scouting around through a computer using say Nautilus, they navigate down to /, decide to check out this /etc thing, and find a file called passwd. "Ooh, maybe passwords are stored there", he thinks. Game over.

One solution that comes to mind is use Phone Book. I haven't tried it out (yet!) but the intent is that you can have an encrypted file, comply with demands for decryption by unlocking some innocuous files, but in fact there's another layer containing the true files that you want hidden.

This would let you hide all the files necessary to enter a chroot or perform a switch_root. Inside the chroot, bob has his home at /home/bob. When done operating as user bob, exit the chroot, and all the chroot files go back to being hidden.

Stebalien · 2012-01-24 20:11:53

If you don't need more than 8 to 16 GB of space, put your home on a separate encrypted SD Card. Create an actual home folder (/home/<user>) and decrypt/mount the SD Card over your actual home when you want to login to your "special" home. If you have a problem, break it in half and throw it in the nearest trashcan. This would obviously be kind of annoying as you would have to log in as root to decrypt/mount the SD card before logging in as your user but it would be very safe.

kozaki · 2012-01-26 14:56:11

Thank you /dev/zero and Stebalien (nice name btw
I'll see whether ecryptfs directory _has_ to stand right in /home as quoted in the howto:

Directory /home/.ecryptfs is owned by root and it is a central place for everything related to eCryptfs and user accounts. Everything under /home/.ecryptfs/user...

in which case this would have to be addressed. the user HOME being on the HDD or on an external device as quoted by Stebalien. e.g. moving temporarily that folder elsewhere would address it. But would imply that the laptop's owner has both to know he should move it, and have the time for, which'd be quite a big flaw.

/dev/zero, those are guys looking for anything weirdo, according to their instructions. It's only _if_ they find something that they think looks "special", than they may proceed further. That's why a full encrypted system is the last thing we'd rely on, as it would put the spotlight on the computer etc., which is what we'd like to avoid.
If everything look "casual", they'll be happy and won't care to look, e.g. at /etc/passwd (which we can free of references to the "hidden user" as quoted here)

It is interesting how hard it looks at least to me, to address both the situations on one computer:
A) the time (99.9%) the computer should be as usable and connected as possible,
B) the 0,1% time it should both look like Mr Smith's notebook and hide/protect a user's profile, few apps and data in an efficient way.
+ no "shift-time" from A to B (and B to A)!
I'll see what I can achieve.
Thank you for your help.

Last edited by kozaki (2012-01-26 14:57:25)

Arch Linux

#1 2012-01-22 21:19:02

Is $HOME outside of /home transparent for the user apps?

#2 2012-01-22 21:21:37

Re: Is $HOME outside of /home transparent for the user apps?

#3 2012-01-22 21:29:17

Re: Is $HOME outside of /home transparent for the user apps?

#4 2012-01-22 21:56:12

Re: Is $HOME outside of /home transparent for the user apps?

#5 2012-01-24 14:33:32

Re: Is $HOME outside of /home transparent for the user apps?

#6 2012-01-24 19:50:05

Re: Is $HOME outside of /home transparent for the user apps?

#7 2012-01-24 20:11:53

Re: Is $HOME outside of /home transparent for the user apps?

#8 2012-01-26 14:56:11

Re: Is $HOME outside of /home transparent for the user apps?

Board footer