Results 1 to 4 of 4

Thread: Home Folder Encryption Discussion

  1. #1
    Join Date
    Jul 2013
    Beans
    52

    Home Folder Encryption Discussion

    Assuming the physical security of a machine or VM is accounted for (aka VM hosted on a encrypted drive) does Home Folder encryption serve a purpose?

    For example with home folder encryption a sudo user can still access the home folders of other non-sudo users (although I am unsure of the exact qualifications that allow an account to access other accounts home folders).

    Does home folder encryption provides any security in terms of protecting a machine against an intruder already in the system? For example would an intruder accessing the system remotely with no sudo access have a harder time getting into the home folder of a sudo user if home folders are encrypted as opposed to if they aren't?
    Last edited by schnappi2; November 17th, 2013 at 06:26 PM.

  2. #2
    Join Date
    Nov 2013
    Location
    USA
    Beans
    10
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Home Folder Encryption Discussion

    If the folder is encrypted, the user will need to put in HIS password to unencrypt it. Period.
    The root user won't be able to do anything until the home folder is unencrypted.
    That said, you typically unencrypt partitions BEFORE starting the machine.

    Home folder encryption will secure your files from prying eyes in the case that they force a restart of your computer (hoping to use an installation disc for example) and try to view your files by circumventing the currently logged in user.

    HTH

  3. #3
    Join Date
    Jul 2013
    Beans
    52

    Re: Home Folder Encryption Discussion

    Quote Originally Posted by public3 View Post
    If the folder is encrypted, the user will need to put in HIS password to unencrypt it. Period.
    The root user won't be able to do anything until the home folder is unencrypted.
    That said, you typically unencrypt partitions BEFORE starting the machine.

    Home folder encryption will secure your files from prying eyes in the case that they force a restart of your computer (hoping to use an installation disc for example) and try to view your files by circumventing the currently logged in user.

    HTH
    What you stated has to be incorrect. I just logged in via SFTP with a sudo account and was able to open and view files in home folder of other users...

  4. #4
    Join Date
    Mar 2006
    Location
    Williams Lake
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Home Folder Encryption Discussion

    IF you are logged into the system, and have unencrypted the partition, of course a user with elevated permissions is going to be able to view the contents. I'd suggest you log out of the target system, and try again.

    Encrypting a partition/system only works if the user isn't logged in. Once the user logs in, anyone can access the partition, especially if you have the standard Ubuntu home partition permissions set.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •