(More) Specifics:
- Undoing the protection should include filling in a password.
- The password should be different from the one used with
sudo
or any other passwords that are used for acquiring elevated privileges.
All (possible) solutions and suggestions are welcome! Thanks in advance!
Edit: Perhaps additional specifications:
- With 'displace‘, I mean anything involving that resembles the result of
mv
,cp
(move, cut, copy) or whatsoever. The files should remain in their previously assigned locations/places and should not be able to 'pop up' anywhere. - I require for the files to be unreadable.
- I don't care if it's modifiable or not.
- I don't require this for my whole system! Only for a specific set of files.
Just make the file root owned and readable by no one. An unreadable file can't be copied. You can use
chattr
to add some flags like immutability if you desire (shouldn't really need to). Use a command likefind /some/path -type f -exec chattr whatever {} \;
if you need to do this recursively. Root account should need a password, and should (hopefully) not be accessable with an unprivileged user's password throughsudo
/doas
, but on its own account with it's own password usingsu
orlogin
.Note that without encrypting the file, this does not protect you from someone just grabbing your storage device and mounting it with root permissions and then they can do whatever they want with your data. It also doesn't protect you if someone gets root access to your device through other remote means. If you want to encrypt the file, use something like
openssl some-cipher -k 'your password' -in file -out file.cipher_ext
. If you want to encrypt multiple files, put them in atar
ball and encrypt the tarball. You can again also usefind
withopenssl
to encrypt/decrypt recursively if you don't want to use a tarball, which may be better with ciphers like blowfish that aren't secure at large file sizes; but if you do that, you expose your encrypted file system structure to attackers.I am not a fan of full disk encryption, because it usually means leaving all your data decrypted during runtime with how most people use it. If you only decrypt a block device when you need to, there's nothing wrong with that, and can work as an alternative to encrypting a tarball.
Definitely one of the better answers I've received so far. Thank you for that. However, I feel as if the following part reveals that it's not as 'protected' as I'd like:
Though, at this point, I've somewhat accepted that I'm seeking a software solution for a hardware problem. Hence, the impossibility of my query... I hope I'm wrong and perhaps you can point me towards the solution I'm seeking. However, if that's not the case, then I would like you to know that I appreciate your comment. Thank you.