Protect linux files from viewing from windows progs

k3rn31 · 2008-03-01 08:56:20

I have installed in Windows a program called Linux Reader and I can read and save all of my files from my linux partition. Is there a way to protect some files from viewing saving? In linux are protected and only root can view them....

Thanks

moljac024 · 2008-03-01 09:17:48

http://www.fs-driver.org/

That's a windows driver for the ext2 filesystem (you can also use it with ext3, only it won't utilize journaling). You can choose to mount partitions as read-only (during install time). I use that on my computer and it works like a charm. Much better than Linux Reader (i've used that one too)

k3rn31 · 2008-03-01 16:34:11

Yes but you don't understand my question. I am looking for a way that some files NOT to be shown in these Programs!

Thanks

tofu · 2008-03-01 16:55:49

What i usually do is to have a "/" partition and a "/home" partition.

I only mount the /home partition in windows with fs-driver.org . All the other things windows will not see...

There are plenty of other partitioning, but i find this works best for me.

Frood · 2008-03-01 16:56:40

The filesystem cannot stop itself from being read by a operating system. The OS can basically do whatever it wants with the contents of its harddrive.

To stop Windows from reading files created and used in Linux you would need to use some kind of encryption on your Linux partition or the files you don't want Windows to be able to read. Windows will still be able to delete or overwrite your data though.

Maybe there is a hardware solution that does what you want. Only in software it cannot be done.

Sigi · 2008-03-01 19:47:13

Frood wrote:

The filesystem cannot stop itself from being read by a operating system. The OS can basically do whatever it wants with the contents of its harddrive.

You could always use an encrypted filesystem for the sensitiv data (or the root-partition)

vogt · 2008-03-01 22:43:42

moljac024 wrote:

http://www.fs-driver.org/

I'm pretty sure that that driver does not care about filesystem permissions, but if it did, all it would take is a bit of chown/chmod'ing.

moljac024 · 2008-03-02 00:21:21

What does it hurt to be able to view the files ? If they can't be modified no damage could be done.

BTW I would STRONGLY suggest mounting ext2/ext3 partitions with fs-driver as read-only under windows. It managed to screw up the filesystem and I had to fix it manually with fsck before I could use it again under linux.

k3rn31 · 2008-03-02 00:32:31

Ok thanks guys. But I want my apache httpd folder not to be shown. How can I encrypt a folder that is accessible by the web? I don't think that I will find a solution with this. Any ideas?

carlocci · 2008-03-02 01:31:16

how big is your folder?
You could encrypt/restore it at shutdown/boot time with tar and gpg probably

k3rn31 · 2008-03-02 09:18:48

carlocci wrote:

how big is your folder?
You could encrypt/restore it at shutdown/boot time with tar and gpg probably

Hmm maybe this is a solution.

My folder is: 35 Mb and it is www folder and has web access. Is it possible?

carlocci · 2008-03-02 19:33:24

I do think so, even if the shutdown could take longer.
Remember it's not a safe encryption since deleted data could be recovered.

Simply name this script wwwencrypt and place it in rc.d, add it to DAEMONS in rc.conf.
It should be executed before apache otherwise apache would probably complain, but I think backgrounding it should be fine too.

#!/bin/bash

. /etc/rc.conf
. /etc/rc.d/functions

case "$1" in
  start)
    stat_busy "Decrypting www dir"

    # Begin decrypting routine
    if [ -f /root/ENCRYPTED_ARCHIVE.tar ]; then
      /PATH/TO/filexor /root/ENCRYPTED_ARCHIVE.tar /root/TAR_ARCHIVE.tar PASSWORD && rm ENCRYPTED_ARCHIVE.tar
      tar -xf TAR_ARCHIVE -C /PATH/TO/WWW/DIRECTORY/
    else
      echo "No archive to decrypt!"
      stat_fail
    fi
    if [ $? -gt 0 ]; then
      stat_fail
    else
      stat_done
      add_daemon wwwencrypt
    fi
    ;;
  stop)
    stat_busy "Encrypting www dir"

    # Begin encrypting routine
    tar -cf /root/TAR_ARCHIVE.tar /PATH/TO/WWW/DIRECTORY/
    /PATH/TO/filexor /root/TAR_ARCHIVE.tar /root/ENCRYPTED_ARCHIVE.tar PASSWORD && rm /root/TAR_ARCHIVE.tar
    if [ -f /root/ENCRYPTED_ARCHIVE ]; then
        rm -R /PATH/TO/WWW/DIRECTORY
    else
       stat_fail
    fi
    if [ $? -gt 0 ]; then
      stat_fail
    else
      stat_done
      rm_daemon wwwencrypt
    fi
    ;;
  restart)
    $0 stop
    sleep 1
    $0 start
    ;;
  *)
    echo "usage: $0 {start|stop|restart}"
esac

with filexor.c being this program I edited (I found it here: http://www.groovyweb.uklinux.net/index. … s%20in%20C )

/******************************************************
 Standard XOR Encryption By Axion
 UIN : 35614954
 EMAIL: axionis@hotmail.com
 DATE : MAY 21st 2000
 USAGE: xe filein fileout key
 *******************************************************/
#include <stdio.h>
#define PROG_NAME "xe"
void usage()
        {
        printf("-------------------------------\n");
        printf("Invalid command line\n");
        printf("Usage: %s infile outfile key\n", PROG_NAME);
        printf("-------------------------------\n");
        }

int main(int argc, char *argv[])
{
        int count,bytes;         /* counter when looping through file, and bytes to count filesize */
        FILE *in,*out;           /* In and out FILE Streams to read/write data */
        if(argc < 4)             /* Error check the command line */
        {
                usage();         /* Display Usage Information on error */
                return 1;        /* Exit Program returning 0 - no error */
        }
        if (( in = fopen(argv[1], "rb")) == NULL) /* Error Check File Streams */
        {
                printf("Error opening %s\n", argv[1]);
                return 1;
        }
        if (( out = fopen(argv[2], "wb")) == NULL)
        {
                printf("Error opening %s\n", argv[2]);
                return 1;
        }

        while(( count = getc(in)) != EOF)
        {
                count = count ^ *argv[3];       /* Apply XOR ( KEY ) */
                bytes++;
                putc(count, out);               /* Write new file */
        }
        fclose(in);
        fclose(out);
        printf("Encryption Success:\n");
        printf("Encrypted %s and stored data in %s\n", argv[1],argv[2]);
        printf("Wrote %d bytes to %s\n", bytes,argv[2]);
        return 0;
}

you can use whatever encrypting program you like though (I am learning some C).
Filexor just xor the data with your password: the encryption level is close to nonexistant, but you might find it useful if you just don't want others to look at your data.
If you want to go with gpg, http://www.google.com/search?hl=en&q=en … e+with+gpg

You MAY want to backup your data and revise the whole script and c source since this is the first time for me too

k3rn31 · 2008-03-02 23:49:32

Thank you very much for the reply! I will do it I will try first with gpg and I will see

Thanks!

Arch Linux

#1 2008-03-01 08:56:20

Protect linux files from viewing from windows progs

#2 2008-03-01 09:17:48

Re: Protect linux files from viewing from windows progs

#3 2008-03-01 16:34:11

Re: Protect linux files from viewing from windows progs

#4 2008-03-01 16:55:49

Re: Protect linux files from viewing from windows progs

#5 2008-03-01 16:56:40

Re: Protect linux files from viewing from windows progs

#6 2008-03-01 19:47:13

Re: Protect linux files from viewing from windows progs

#7 2008-03-01 22:43:42

Re: Protect linux files from viewing from windows progs

#8 2008-03-02 00:21:21

Re: Protect linux files from viewing from windows progs

#9 2008-03-02 00:32:31

Re: Protect linux files from viewing from windows progs

#10 2008-03-02 01:31:16

Re: Protect linux files from viewing from windows progs

#11 2008-03-02 09:18:48

Re: Protect linux files from viewing from windows progs

#12 2008-03-02 19:33:24

Re: Protect linux files from viewing from windows progs

#13 2008-03-02 23:49:32

Re: Protect linux files from viewing from windows progs

Board footer