FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Kubuntu User

 
 
LinkBack Thread Tools
 
Old 04-25-2008, 03:37 AM
Larry Hartman
 
Default Security-related questions

Is it possible to create two user accounts, one that shows up in the KDM/GDM
logon display with restricted accesses, and another that is invisible to
KDM/GDM with more accesses?

In the same vein, pertaining to these two accounts, is it possible to restrict
visibility to certain directories from the restricted account--to hide
directories and files from view, even the "hidden" options in the various
file managers--so that only when logging into the user account with more
access do they become visible?

In such a scenario what realistic measures and trade-offs would need to be
addressed to tighten security in this regard? I would suspect boot-time
failsafe mode would have to be made unavailable as well...this in itself
comes with some inherent risk.

I am curious because I read a trial brief this week concerning a laptop that
was inspected by border control agents through actually turning it on.


Larry

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 04-25-2008, 04:57 AM
Nils Kassube
 
Default Security-related questions

Larry Hartman wrote:
> Is it possible to create two user accounts, one that shows up in the
> KDM/GDM logon display with restricted accesses, and another that is
> invisible to KDM/GDM with more accesses?

At least for KDM the user isn't visible if the user ID is below 1000.

> In the same vein, pertaining to these two accounts, is it possible to
> restrict visibility to certain directories from the restricted
> account

This can be done with the usual file / directory permissions. However you
can't hide essential directories like /usr/bin etc.

Another option would be a chroot environment, but I don't know how to use
it at login time and it is possible to escape from chroot.

> to hide directories and files from view, even the "hidden"
> options in the various file managers--so that only when logging into
> the user account with more access do they become visible?

The hidden attribute is only a sort of interpretation of file names
starting with "." by the file managers or other programs. If there is no
global configuration override, you probably can't make "hidden" files
invisible. And in a terminal you can definitely see the files with the
appropriate commands (e.g. "ls -A").

> I am curious because I read a trial brief this week concerning a laptop
> that was inspected by border control agents through actually turning it
> on.

If you want to hide something from border control agents, it is probably
better to not have sensitive data on the machine. I read something the
other day, that a laptop hard disk was cloned at border control. You
can't really hide an account because the user name has to be listed
in /etc/passwd. Maybe you want to read a bit about truecrypt at
<http://www.truecrypt.org>, but I can't tell you how safe that would be
at border control.


Nils

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 04-25-2008, 12:41 PM
David McGlone
 
Default Security-related questions

On Friday 25 April 2008 12:57:13 am Nils Kassube wrote:
> Larry Hartman wrote:
> > Is it possible to create two user accounts, one that shows up in the
> > KDM/GDM logon display with restricted accesses, and another that is
> > invisible to KDM/GDM with more accesses?
>
> At least for KDM the user isn't visible if the user ID is below 1000.
>
> > In the same vein, pertaining to these two accounts, is it possible to
> > restrict visibility to certain directories from the restricted
> > account
>
> This can be done with the usual file / directory permissions. However you
> can't hide essential directories like /usr/bin etc.
>
> Another option would be a chroot environment, but I don't know how to use
> it at login time and it is possible to escape from chroot.
>
> > to hide directories and files from view, even the "hidden"
> > options in the various file managers--so that only when logging into
> > the user account with more access do they become visible?
>
> The hidden attribute is only a sort of interpretation of file names
> starting with "." by the file managers or other programs. If there is no
> global configuration override, you probably can't make "hidden" files
> invisible. And in a terminal you can definitely see the files with the
> appropriate commands (e.g. "ls -A").
>
> > I am curious because I read a trial brief this week concerning a laptop
> > that was inspected by border control agents through actually turning it
> > on.
>
> If you want to hide something from border control agents, it is probably
> better to not have sensitive data on the machine. I read something the
> other day, that a laptop hard disk was cloned at border control. You
> can't really hide an account because the user name has to be listed
> in /etc/passwd. Maybe you want to read a bit about truecrypt at
> <http://www.truecrypt.org>, but I can't tell you how safe that would be
> at border control.

Stick a second HD in the machine and unplug it when going through border
control.



--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 04-25-2008, 02:00 PM
Derek Broughton
 
Default Security-related questions

Nils Kassube wrote:

> Larry Hartman wrote:
>> Is it possible to create two user accounts, one that shows up in the
>> KDM/GDM logon display with restricted accesses, and another that is
>> invisible to KDM/GDM with more accesses?
>
> At least for KDM the user isn't visible if the user ID is below 1000.

And you can specifically exclude users from the KDM login chooser - I
suspect, but don't know, that such users could still be used to login if
you actually used a valid username/password.

>> In the same vein, pertaining to these two accounts, is it possible to
>> restrict visibility to certain directories from the restricted
>> account
>
> This can be done with the usual file / directory permissions. However you
> can't hide essential directories like /usr/bin etc.

Again, you can _hide_ all sorts of things in konqueror (using .directory
files, iirc - I've deleted the ones kubuntu installs by default, so I'm not
certain) - but it's just "security through obscurity".

>> to hide directories and files from view, even the "hidden"
>> options in the various file managers--so that only when logging into
>> the user account with more access do they become visible?
>
> The hidden attribute is only a sort of interpretation of file names
> starting with "." by the file managers or other programs. If there is no
> global configuration override, you probably can't make "hidden" files
> invisible. And in a terminal you can definitely see the files with the
> appropriate commands (e.g. "ls -A").

Yeah, that's the same situation as the .directory files.

What you can actually get even the slightest look at, in any unix-based
filesystem, is determined by the "x" (traverse) permission on a directory.

So if you want to hide, say, /sbin from ordinary users, you remove the "x"
permission from world, and make special users part of a group that does
have "x" permission. It gets complicated ... :-)
>
>> I am curious because I read a trial brief this week concerning a laptop
>> that was inspected by border control agents through actually turning it
>> on.
>
> If you want to hide something from border control agents, it is probably
> better to not have sensitive data on the machine.

That's really your only option. If you try to _hide_ data from US border
control, I believe you're now committing a crime.

At least one legal office is now sending it's lawyers across the Canada-US
border with clean laptops - they download everything they need from
the 'net. It's scary to imagine that its now more secure to save your data
on the Internet than on a well protected laptop (or that the people we most
have to protect ourselves from, are the people we expect to protect us).

> I read something the
> other day, that a laptop hard disk was cloned at border control. You
> can't really hide an account because the user name has to be listed
> in /etc/passwd. Maybe you want to read a bit about truecrypt at
> <http://www.truecrypt.org>, but I can't tell you how safe that would be
> at border control.

Failing to deliver the decryption key could be a violation of the PATRIOT
act.
--
derek


--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 04-25-2008, 03:45 PM
"Willy Hamra"
 
Default Security-related questions

> I read something the

> other day, that a laptop hard disk was cloned at border control. You

> can't really hide an account because the user name has to be listed

> in /etc/passwd. Maybe you want to read a bit about truecrypt at

> <http://www.truecrypt.org>, but I can't tell you how safe that would be

> at border control.



Failing to deliver the decryption key could be a violation of the PATRIOT

act.i dont live in the US, so dont exactly know the PATRIOT act, but what are you saying? if the border control were unable to see my data due to a certain security measure i've taken, say encryption, i have to help them get the info? what about the user or root password? are people forced to give that too?


--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 04-25-2008, 04:03 PM
Lisi Reisz
 
Default Security-related questions

On Friday 25 April 2008 16:45:27 Willy Hamra wrote:
> > > I read something the
> > > other day, that a laptop hard disk was cloned at border control. You
> > > can't really hide an account because the user name has to be listed
> > > in /etc/passwd. Maybe you want to read a bit about truecrypt at
> > > <http://www.truecrypt.org>, but I can't tell you how safe that would be
> > > at border control.
> >
> > Failing to deliver the decryption key could be a violation of the PATRIOT
> > act.
>
> i dont live in the US, so dont exactly know the PATRIOT act, but what are
> you saying? if the border control were unable to see my data due to a
> certain security measure i've taken, say encryption, i have to help them
> get the info? what about the user or root password? are people forced to
> give that too?

In this country - the UK - not divulging the password or encryption key when
you are asked for it by the police is, or is about to become, (I am not sure
exactly how far down the line the legislation is) a criminal offence - even
if the reason you do not give it is that it doesn't exist or that you have
forgotten it.

Lisi

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 04-25-2008, 04:59 PM
Billie Walsh
 
Default Security-related questions

Willy Hamra wrote:
>
> > I read something the
> > other day, that a laptop hard disk was cloned at border control. You
> > can't really hide an account because the user name has to be listed
> > in /etc/passwd. Maybe you want to read a bit about truecrypt at
> > <http://www.truecrypt.org>, but I can't tell you how safe that
> would be
> > at border control.
>
> Failing to deliver the decryption key could be a violation of the
> PATRIOT
> act.
>
> i dont live in the US, so dont exactly know the PATRIOT act, but what
> are you saying? if the border control were unable to see my data due
> to a certain security measure i've taken, say encryption, i have to
> help them get the info? what about the user or root password? are
> people forced to give that too?

The Patriot Act is the loss of our rights by government declaration.

--
Life is what happens while your busy making other plans.


--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 04-26-2008, 01:21 AM
Larry Hartman
 
Default Security-related questions

On Friday 25 April 2008 07:00:39 am Derek Broughton wrote:
> Nils Kassube wrote:
> > Larry Hartman wrote:
> >> Is it possible to create two user accounts, one that shows up in the
> >> KDM/GDM logon display with restricted accesses, and another that is
> >> invisible to KDM/GDM with more accesses?
> >
> > At least for KDM the user isn't visible if the user ID is below 1000.
>
> And you can specifically exclude users from the KDM login chooser - I
> suspect, but don't know, that such users could still be used to login if
> you actually used a valid username/password.
>
> >> In the same vein, pertaining to these two accounts, is it possible to
> >> restrict visibility to certain directories from the restricted
> >> account
> >
> > This can be done with the usual file / directory permissions. However you
> > can't hide essential directories like /usr/bin etc.
>
> Again, you can _hide_ all sorts of things in konqueror (using .directory
> files, iirc - I've deleted the ones kubuntu installs by default, so I'm not
> certain) - but it's just "security through obscurity".
>
> >> to hide directories and files from view, even the "hidden"
> >> options in the various file managers--so that only when logging into
> >> the user account with more access do they become visible?
> >
> > The hidden attribute is only a sort of interpretation of file names
> > starting with "." by the file managers or other programs. If there is no
> > global configuration override, you probably can't make "hidden" files
> > invisible. And in a terminal you can definitely see the files with the
> > appropriate commands (e.g. "ls -A").
>
> Yeah, that's the same situation as the .directory files.
>
> What you can actually get even the slightest look at, in any unix-based
> filesystem, is determined by the "x" (traverse) permission on a directory.
>
> So if you want to hide, say, /sbin from ordinary users, you remove the "x"
> permission from world, and make special users part of a group that does
> have "x" permission. It gets complicated ... :-)
>
> >> I am curious because I read a trial brief this week concerning a laptop
> >> that was inspected by border control agents through actually turning it
> >> on.
> >
> > If you want to hide something from border control agents, it is probably
> > better to not have sensitive data on the machine.
>
> That's really your only option. If you try to _hide_ data from US border
> control, I believe you're now committing a crime.
>
> At least one legal office is now sending it's lawyers across the Canada-US
> border with clean laptops - they download everything they need from
> the 'net. It's scary to imagine that its now more secure to save your data
> on the Internet than on a well protected laptop (or that the people we most
> have to protect ourselves from, are the people we expect to protect us).
>
> > I read something the
> > other day, that a laptop hard disk was cloned at border control. You
> > can't really hide an account because the user name has to be listed
> > in /etc/passwd. Maybe you want to read a bit about truecrypt at
> > <http://www.truecrypt.org>, but I can't tell you how safe that would be
> > at border control.
>
> Failing to deliver the decryption key could be a violation of the PATRIOT
> act.
> --
> derek

I'm not looking at violating laws, but do wish to understand the technical
aspects of this scenario. Here is my recap of what was suggested so far--and
I thank folks for responses, I am getting educated.

1. External harddrives are one solution, until all your personal affects are
searched....this would require another traveler to hold the drive during the
travel. Shipping the drive would entail a loss of accountability because the
package could get searched along the way.

2. If the harddrive is cloned, then how good are the capabilities to examine
it at most security checkpoints. Do most security checkpoints even have
capability to clone? If the equipment is confiscated, then the loss is as
total as having the data read by unwanted eyes.

3. Despite what these lawyers are doing, I do not trust the internet as a
viable option for secure storage. If it is on the net, it is available for
all to hack and see.

4. Someone above mentioned that even if the user account were not visible in
the display manager, the username had to be listed in /etc/passwd...which
would be a give away to investigators that something is up.

5. Any overt encryption would also be a dead giveaway.

6. Perhaps my question would be rephrased to, "how to hide data in such a
transparent way so as to not arouse suspicions that would cause further
investigation?"


Good discussion.

Larry

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 04-26-2008, 02:12 AM
Billie Walsh
 
Default Security-related questions

Larry Hartman wrote:
> On Friday 25 April 2008 07:00:39 am Derek Broughton wrote:
>
>> Nils Kassube wrote:
>>
>>> Larry Hartman wrote:
>>>
>>>> Is it possible to create two user accounts, one that shows up in the
>>>> KDM/GDM logon display with restricted accesses, and another that is
>>>> invisible to KDM/GDM with more accesses?
>>>>
>>> At least for KDM the user isn't visible if the user ID is below 1000.
>>>
>> And you can specifically exclude users from the KDM login chooser - I
>> suspect, but don't know, that such users could still be used to login if
>> you actually used a valid username/password.
>>
>>
>>>> In the same vein, pertaining to these two accounts, is it possible to
>>>> restrict visibility to certain directories from the restricted
>>>> account
>>>>
>>> This can be done with the usual file / directory permissions. However you
>>> can't hide essential directories like /usr/bin etc.
>>>
>> Again, you can _hide_ all sorts of things in konqueror (using .directory
>> files, iirc - I've deleted the ones kubuntu installs by default, so I'm not
>> certain) - but it's just "security through obscurity".
>>
>>
>>>> to hide directories and files from view, even the "hidden"
>>>> options in the various file managers--so that only when logging into
>>>> the user account with more access do they become visible?
>>>>
>>> The hidden attribute is only a sort of interpretation of file names
>>> starting with "." by the file managers or other programs. If there is no
>>> global configuration override, you probably can't make "hidden" files
>>> invisible. And in a terminal you can definitely see the files with the
>>> appropriate commands (e.g. "ls -A").
>>>
>> Yeah, that's the same situation as the .directory files.
>>
>> What you can actually get even the slightest look at, in any unix-based
>> filesystem, is determined by the "x" (traverse) permission on a directory.
>>
>> So if you want to hide, say, /sbin from ordinary users, you remove the "x"
>> permission from world, and make special users part of a group that does
>> have "x" permission. It gets complicated ... :-)
>>
>>
>>>> I am curious because I read a trial brief this week concerning a laptop
>>>> that was inspected by border control agents through actually turning it
>>>> on.
>>>>
>>> If you want to hide something from border control agents, it is probably
>>> better to not have sensitive data on the machine.
>>>
>> That's really your only option. If you try to _hide_ data from US border
>> control, I believe you're now committing a crime.
>>
>> At least one legal office is now sending it's lawyers across the Canada-US
>> border with clean laptops - they download everything they need from
>> the 'net. It's scary to imagine that its now more secure to save your data
>> on the Internet than on a well protected laptop (or that the people we most
>> have to protect ourselves from, are the people we expect to protect us).
>>
>>
>>> I read something the
>>> other day, that a laptop hard disk was cloned at border control. You
>>> can't really hide an account because the user name has to be listed
>>> in /etc/passwd. Maybe you want to read a bit about truecrypt at
>>> <http://www.truecrypt.org>, but I can't tell you how safe that would be
>>> at border control.
>>>
>> Failing to deliver the decryption key could be a violation of the PATRIOT
>> act.
>> --
>> derek
>>
>
> I'm not looking at violating laws, but do wish to understand the technical
> aspects of this scenario. Here is my recap of what was suggested so far--and
> I thank folks for responses, I am getting educated.
>
> 1. External harddrives are one solution, until all your personal affects are
> searched....this would require another traveler to hold the drive during the
> travel. Shipping the drive would entail a loss of accountability because the
> package could get searched along the way.
>
> 2. If the harddrive is cloned, then how good are the capabilities to examine
> it at most security checkpoints. Do most security checkpoints even have
> capability to clone? If the equipment is confiscated, then the loss is as
> total as having the data read by unwanted eyes.
>
> 3. Despite what these lawyers are doing, I do not trust the internet as a
> viable option for secure storage. If it is on the net, it is available for
> all to hack and see.
>

Not to mention the CIA snooping through everything "we" do on the net.

> 4. Someone above mentioned that even if the user account were not visible in
> the display manager, the username had to be listed in /etc/passwd...which
> would be a give away to investigators that something is up.
>
> 5. Any overt encryption would also be a dead giveaway.
>
> 6. Perhaps my question would be rephrased to, "how to hide data in such a
> transparent way so as to not arouse suspicions that would cause further
> investigation?"
>
>
> Good discussion.
>
> Larry
>
>

The best way is to keep anything you want to "hide" is in the computer
between your ears. I don't "think" they have perfected mind reading yet.
But it is a possibility.

--
Life is what happens while your busy making other plans.


--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 04-26-2008, 04:55 AM
Karl Klinger
 
Default Security-related questions

Larry Hartman wrote:

> 6. Perhaps my question would be rephrased to, "how to hide data in such a
> transparent way so as to not arouse suspicions that would cause further
> investigation?"

A few ideas:

1. Keep your sensitive data in a directory called, for example,
'pictures', and then hide it by mounting a partition actually containing
pictures over it.

2. Keep your sensitive data in a separate partition. Delete the
partition before crossing the border, and then recreate it in the same
place on the disk. While the partition is deleted it will show up as
free space in disk partitioning utilities, but after you recreate it the
file system and data will still be there.

3. Same as 2, except use an encrypted partition. Might make it less
obvious that there is data in the 'free' space.

Karl

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 

Thread Tools




All times are GMT. The time now is 11:36 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org