clebano
asked on
Hidden File
I need a way to hide a file in Solaris 2.6 or above.
This file will be accessible only by root, but it's name must not appear using ls, find, etc.
Just root (that knows it's name) will be able to see the contents of it.
Is there any way to do it ? Maybe a C program ?
Thanks in advance.
This file will be accessible only by root, but it's name must not appear using ls, find, etc.
Just root (that knows it's name) will be able to see the contents of it.
Is there any way to do it ? Maybe a C program ?
Thanks in advance.
May be you need to write your own "ls" command in order to do this and replace the existing ls command.
raza
Just replacing the ls command is not enough, its easy enough to edit the directory with vi to see what it contains.
Just replacing the ls command is not enough, its easy enough to edit the directory with vi to see what it contains.
what sun OS allow you to do that...? I don't get the directory listing on Solaris 2.8 by doing vi on a directory.
apologies raza - I was using Linux, you're right, I can't see the directory contents on my Solaris and AIX systems
(sound of head banging on table)
Cheers - Gavin
(sound of head banging on table)
Cheers - Gavin
How will you be using the data in the "file"? If it's to be access with anything that relies on normal file accesses then you can't hide the file so that it can't be found. You can, as has already been suggested make the file only visible and usable by root, but if you don't control the root account it really isn't hidden.
If only a program will be accessing the data you can always use a raw slice to hold the data. Of course that means that the code that will access the data needs to be run by root.
raza,
Try 'cat some-dir-name'...
If only a program will be accessing the data you can always use a raw slice to hold the data. Of course that means that the code that will access the data needs to be run by root.
raza,
Try 'cat some-dir-name'...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
apologies raza - I was using Linux, you're right, I can't see the directory contents on my Solaris and AIX systems
(sound of head banging on table)
Cheers - Gavin
(sound of head banging on table)
Cheers - Gavin
I can see them on my Solaris systems. Just do a 'cat some-dir-name'
we seemed to have veered away from the topic though...
jlevie - don't you mean 'strings some-dir-name'
or 'echo *' in a directory does the same.
i have also used an 'od -c some-dir-name' whilst
investigating break-ins.
Regards,
Festive
jlevie - don't you mean 'strings some-dir-name'
or 'echo *' in a directory does the same.
i have also used an 'od -c some-dir-name' whilst
investigating break-ins.
Regards,
Festive
Nope, I mean cat. A directory is just a special kind of file and cat really doesn't care that it's special. While I haven't tried that lately on an SGI, from what I do know about an SGI's file system I'm reasonably certain it would work.
echo and strings will also show the names and obviously od would.
echo and strings will also show the names and obviously od would.
On a Solaris system (SPARC 2.8)
you get text + binary content (presumably inode references etc) and a very nasty sideways stepping effect.
Thats why I thought you meant strings (the output of which is clean and programatically useful (though not Always reliable - depending upon the filenames).
you get text + binary content (presumably inode references etc) and a very nasty sideways stepping effect.
Thats why I thought you meant strings (the output of which is clean and programatically useful (though not Always reliable - depending upon the filenames).
Well, I didn't say it was pretty, only that it works.
jlevie, It doesn't work on mine Solaris 2.8
# cat 'top'
cat: input error on top: Is a directory
# cat 'top'
cat: input error on top: Is a directory
I think you are all diverting somewhat here, lets get back to the question in hand.
:)
:)
ASKER
I'm seeking something like overmounting or mkdir '..' (not using spaces or other chars).
The problem is that overmounting is no working ... i'm getting error messages "no block device", "no log for ..."
Some more suggestions ...
The problem is that overmounting is no working ... i'm getting error messages "no block device", "no log for ..."
Some more suggestions ...
Are you trying to access the 'hidden file' while the directory that contains the file is over mounted? You can't do that. The proper method using over mounting is to do the file access, then over mount the directory to hide the file.
clebano - you need to mount a REAL device over the top.
your BEST option is a kernel rootkit or chrooted
environment - as this will insulate ALL of your activity/files from unauthorized view.
your BEST option is a kernel rootkit or chrooted
environment - as this will insulate ALL of your activity/files from unauthorized view.
No comment has been added lately, so it's time to clean up this Topic Area.
I will leave a recommendation for this question in the Cleanup topic area as follows:
- Answered by festive
Please leave any comments here within the next 7 days
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER !
tfewster
Cleanup Volunteer
I will leave a recommendation for this question in the Cleanup topic area as follows:
- Answered by festive
Please leave any comments here within the next 7 days
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER !
tfewster
Cleanup Volunteer
per recommendation
SpideyMod
Community Support Moderator @Experts Exchange
SpideyMod
Community Support Moderator @Experts Exchange
Example;
# mkdir /rootonly
# chmod 700 /rootonly
Then create any number of 'hidden' files in there.