(More) Specifics:

  • Undoing the protection should include filling in a password.
  • The password should be different from the one used with sudo or any other passwords that are used for acquiring elevated privileges.

All (possible) solutions and suggestions are welcome! Thanks in advance!

Edit: Perhaps additional specifications:

  • With 'displace‘, I mean anything involving that resembles the result of mv, cp (move, cut, copy) or whatsoever. The files should remain in their previously assigned locations/places and should not be able to ‘pop up’ anywhere.
  • I require for the files to be unreadable.
  • I don’t care if it’s modifiable or not.
  • I don’t require this for my whole system! Only for a specific set of files.
  • rotopenguin@infosec.pub
    link
    fedilink
    English
    arrow-up
    8
    ·
    5 months ago

    If you don’t want files to be accessible by you, then have another user own them.

    If you don’t want files to be accessible by root, then don’t have them at all.

    • poki@discuss.onlineOP
      link
      fedilink
      arrow-up
      2
      ·
      5 months ago

      This seems interesting. However, if I’m correct. What you suggest is not capable (by itself) to prevent said files to be copied through a disk clone. Am I right? Even if they’re otherwise encrypted or inaccessible, then still they will come through the disk clone. Did I understood you correctly?