Kommentare zu: Is there any way to make a file inaccessible to root in linux? http://1299.de/2010/06/is-there-any-way-to-make-a-file-inaccessible-to-root-in-linux/ Centos Neuigkeiten Mon, 10 Oct 2011 04:29:00 +0000 hourly 1 http://wordpress.org/?v=3.3.1 Von: jplatt39 http://1299.de/2010/06/is-there-any-way-to-make-a-file-inaccessible-to-root-in-linux/comment-page-1/#comment-444 jplatt39 Fri, 25 Jun 2010 15:07:40 +0000 http://1299.de/2010/06/is-there-any-way-to-make-a-file-inaccessible-to-root-in-linux/#comment-444 Root is the administrative account period. If a file exists on that system, a root account can read it, execute it or delete it. Disabling the root account and doing everything through sudo is generally a good idea, even if it's sometimes called the "paranoid Unix Admin's approach" but the only way to "hide" a file from root is the way you hide it from everybody -- by putting a dot in the front of the name. And that only works until they do an ls -a Root is the administrative account period. If a file exists on that system, a root account can read it, execute it or delete it. Disabling the root account and doing everything through sudo is generally a good idea, even if it’s sometimes called the “paranoid Unix Admin’s approach” but the only way to “hide” a file from root is the way you hide it from everybody — by putting a dot in the front of the name. And that only works until they do an ls -a

]]> Von: jacovkss2 http://1299.de/2010/06/is-there-any-way-to-make-a-file-inaccessible-to-root-in-linux/comment-page-1/#comment-443 jacovkss2 Fri, 25 Jun 2010 15:04:24 +0000 http://1299.de/2010/06/is-there-any-way-to-make-a-file-inaccessible-to-root-in-linux/#comment-443 No trust? Do you people really feel that a lowly* sys admin person should have access to sensitive business data? Sorry, but I totally agree with management here... (Boy, THERE'S a sentence I didn't think would ever come out of keyboard!) * Just trying to make a point! No trust? Do you people really feel that a lowly* sys admin person should have access to sensitive business data? Sorry, but I totally agree with management here… (Boy, THERE’S a sentence I didn’t think would ever come out of keyboard!)

* Just trying to make a point!

]]> Von: stevenmcconnon http://1299.de/2010/06/is-there-any-way-to-make-a-file-inaccessible-to-root-in-linux/comment-page-1/#comment-442 stevenmcconnon Fri, 25 Jun 2010 14:23:30 +0000 http://1299.de/2010/06/is-there-any-way-to-make-a-file-inaccessible-to-root-in-linux/#comment-442 totally agreed. not a good client relationship if they cant trust you! you need access before you can prevent giving yourself access right? perhaps httaccess, but you would still have access! totally agreed. not a good client relationship if they cant trust you!

you need access before you can prevent giving yourself access right? perhaps httaccess, but you would still have access!

]]> Von: Misc Tech Advice http://1299.de/2010/06/is-there-any-way-to-make-a-file-inaccessible-to-root-in-linux/comment-page-1/#comment-441 Misc Tech Advice Fri, 25 Jun 2010 14:19:05 +0000 http://1299.de/2010/06/is-there-any-way-to-make-a-file-inaccessible-to-root-in-linux/#comment-441 Doesn't sound like you have a very trustworthy relationship with your client. If it makes them feel more comfortable, disable root account and use sudo for everything (Ubuntu approach). If you have enough access to administer the box, then you will have enough access to be able to access the data in question. Doesn’t sound like you have a very trustworthy relationship with your client.

If it makes them feel more comfortable, disable root account and use sudo for everything (Ubuntu approach).
If you have enough access to administer the box, then you will have enough access to be able to access the data in question.

]]>