If you do not need or want to encrypt files on your computer but would like to stop casual snooping, then what is the best method for password protecting your folders on Linux/Unix? Today’s SuperUser Q&A post has helpful answers to a curious reader’s question.
Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.
Photo courtesy of Nathan Meijer (Flickr).
SuperUser reader Zane Woodard wants to know how to password protect a folder on Linux/Unix without encryption:
I have searched around quite a bit for either a built-in feature or program to do this, but had no luck. I want to password protect a folder, but do not want to encrypt it.
The security of the contents of the folder is not important, the password would just act as a deterrent to somebody attempting to access the contents of the folder from my computer. Think of it like a password lock on a computer, if you were to remove the hard-drive, you could easily take all the files the user had, but the password is still a deterrent to people accessing the contents of the drive.
Two main reasons for not using encryption here are:
- Decreased performance for opening files.
- Encryption prevents the contents from being indexed/searchable.
Is anybody aware of a solution?
Is there an easy solution that Zane could use to password protect his folder?
SuperUser contributors R Schultz and Bodo Thiesen have the answer for us. First up, R Schultz:
The easiest way would be to change the permissions of the files so that they are not readable by anyone other than the owner. Once that is done, a user would have to either log in as you (which should require a password) or sudo as root (which should also require a password). To change the permissions, simply use the following command on any files you do not want others to have access to.
- chmod og-rwx filename
This assumes that when you are not at your computer, your screen is locked and there is a password for your account as well as the root account.
Followed by the answer from Bodo Thiesen:
Create a new user for these protected files and/or directories. Then replace $newuser with the new user account name:
- chown $newuser filename directoryname
- chmod og-rwx filename directoryname
This way, the files and directories are safe even if you do not log out and have your screen unlocked for some reason.
Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.