Encrypted home partition accessible by administrator

Robert Heller heller at deepsoft.com
Mon Apr 22 13:00:07 UTC 2019 

At Mon, 22 Apr 2019 16:53:45 +0800 "Ubuntu user technical support,  not for general discussions" <ubuntu-users at lists.ubuntu.com> wrote:

> 
> On 22/04/2019, Colin Law <clanlaw at gmail.com> wrote:
> > On Sun, 21 Apr 2019 at 22:25, Bret Busby <bret.busby at gmail.com> wrote:
> >> ...
> >> I wonder whether logging in as the user and using something like (as user)
> >> chmod 007 /home
> >> or
> >> chmod 007 .
> >>
> >> (I remember a rather unfortunate case where, in a UNIX unit, some
> >> decades ago, a classmate made the rather unfortunate mistake of
> >> entering, at the command line,
> >> chmod .
> >> That dot is what was entered in that command, not a punctuation mark
> >> to indicate the end of the sentence.
> >> His account could not be recovered. And, it was not me...
> >
> > Why could an administrator not use sudo chmod to put it back as it
> > should be.  Or if that was not possible for some reason then boot from
> > a live image, mount the drive, and do it from there?
> >
> > Nothing of that sort will stop an administrator using sudo to access
> > the files, as far as I know.
> >
> > Colin
> >
> 
> 
> Have you tried it?
> 
> >From memory, the superuser could no longer access the account, when
> the user applied the command
> chmod .
> as a privilege setting of 00x excluded even the superuserfrom
> accessing the account, which is why the account became absolutely
> inaccessible.

It would make it inaccessible, even to root, except that root would be able to 
chmod it some something else, making it accessible again.

> 
> I had thought that, as it applied to privileges in UNIX, it might
> equally apply in Linux.
> 
> But, hey, I do not profess to be a Linux expert.
> 
> I was simply offering a possible solution.
> 
> If you determine to avoid trying the possible solution, then, that is
> your prerogative.
> 

-- 
Robert Heller             -- 978-544-6933
Deepwoods Software        -- Custom Software Services
http://www.deepsoft.com/  -- Linux Administration Services
heller at deepsoft.com       -- Webhosting Services

More information about the ubuntu-users mailing list