I have Red notebook, a free application for note-taking. It doesn’t have password protection upon its start, so I would like to be able to set a password to prevent someone who temporarily uses my computer from opening it and accessing my journal. One way is to edit the .desktop file in $HOME/Desktop and change the
Exec=/usr/bin/rednotebook
to
Exec=kdesu /usr/bin/rednotebook
, but then if I introduce the kdesu password it won’t prompt me again if I restart Red notebook. Is there a way to set a different password from kdesu and be prompted with it each time I open Red notebook?
Create a separate user login account for the somebody who temporarily uses your computer. That way, the temp user will see his own journal, rather than your journal.
That “someone” should have his/her own userid. And you should never tell your password to anybody. That is how security is organised in a multu-user operating system like Unix/Linux.
That’s breaking the basics of linux security: root owns the system, each user owns his/her homedir. The user login is the door to your vault. Using a password there is what makes your safety / security, not for a single app.
My kids know they cannot and shall not use anything in my account. “Switch user” is their option. They login on their own accounts to do whatever they want.
On 2013-11-13 12:36, riderplus wrote:
>
> I have Red notebook, a free application for note-taking. It doesn’t have
> password protection upon its start, so I would like to be able to set a
> password to prevent someone who temporarily uses my computer from
> opening it and accessing my journal. One way is to edit the .desktop
> file in $HOME/Desktop and change the
No, you are looking at it wrong.
You already have a password, your user password: that’s the one you have
to use. Do not allow other users to run your desktop, give them their
own user login and password. They will then not see ANY of your files.
Of course, you have to edit the data files permissions so that the
“group” and “other” permissions are cleared.
Of course, if they boot with a live CD, they will have access to
everything. In that case, you migth consider encryption.
–
Cheers / Saludos,
Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)
Oh, man…I didn’t refer to this, I don’t know why everyone misunderstood…I was asking for a way to launch the program and request the password upon start, if someone tries to use my computer when I’m not at my desk, for instance. I don’t know why you pushed this issue to Linux security itself. I know it’s related to Linux security, but it doesn’t involve those security issues you’ve all raised.
That seems to be some sort of security to be implemented in the application itself. As you say, it has nothing to doo with Linux security. But why are you then trying to do something on the Linux level where it should be programmed in the application?
And there’s good explanation of the issues in the comments. In summary,
you have at least four choices:
(1) use session security (set a locked screensaver when you leave your
computer)
(2) encrypt the data (give a password to unlock it before starting
rednotebook, and lock it again when you finish. You could write a short
shell script to wrap the encryption commands around rednotebook)
(3) wait for the author to incorporate a facility in the program
(4) use a forked version that includes the facility
BTW, thanks for pointing out rednotebook. It looks like an interesting
application.
> Oh, man…I didn’t refer to this, I don’t know why everyone
> misunderstood…I was asking for a way to launch the program and request
> the password upon start,
Not “the” password. You are requesting root’s password, and that is wrong.
–
Cheers / Saludos,
Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)
Let me put it this way, Carlos: I want the application to start and prompt me with my user password each time it starts (how can you do that using kdesu -u myuser -c /usr/bin/rednotebook…maybe? it doesn’t work though…). Is that possible? It should, it’s Linux, FFS
Dave Howorth wrote:
> BTW, thanks for pointing out rednotebook. It looks like an interesting
> application.
I just tried it. It still looks interesting but I got a very unexpected
response to a CTRL-Z:
^ZINFO Program was abnormally aborted with signal 20
INFO The content has been saved to /home/dhoworth/.rednotebook/data
INFO Configuration has been saved to disk
INFO Goodbye!
So it looks like the author doesn’t quite understand how Unix signals
should work. Oh well
Dave Howorth wrote:
> Dave Howorth wrote:
>> BTW, thanks for pointing out rednotebook. It looks like an interesting
>> application.
>
> I just tried it. It still looks interesting but I got a very unexpected
> response to a CTRL-Z:
>
> ^ZINFO Program was abnormally aborted with signal 20
> INFO The content has been saved to /home/dhoworth/.rednotebook/data
> INFO Configuration has been saved to disk
> INFO Goodbye!
>
> So it looks like the author doesn’t quite understand how Unix signals
> should work. Oh well
Oh and it doesn’t seem to be properly network aware. It gets confused
with its help if run over the net. Tries to open the help file on the
client rather than the server.
On Wed, 13 Nov 2013 11:36:01 +0000, riderplus wrote:
> I have Red notebook, a free application for note-taking. It doesn’t have
> password protection upon its start, so I would like to be able to set a
> password to prevent someone who temporarily uses my computer from
> opening it and accessing my journal. One way is to edit the .desktop
> file in $HOME/Desktop and change the Code:
> --------------------
> Exec=/usr/bin/rednotebook
> --------------------
> to
> Code:
> --------------------
> Exec=kdesu /usr/bin/rednotebook
> --------------------
> , but then if I introduce the kdesu password it won’t prompt me again if
> I restart Red notebook. Is there a way to set a different password from
> kdesu and be prompted with it each time I open Red notebook?
I do something like this with my newsreader (used for the forums).
Put the data in an encfs protected directory, then run a shell script to
launch it that prompts for the encfs password. (I do this because I sync
the data directory with Dropbox).
The basic bash script is pretty simple:
#!/bin/bash
export PW=`zenity --password --title "Enter encfs password"`
if "$PW" == "" ] ; then
exit
fi
echo $PW | encfs -S ~/Dropbox/.pan2 ~/.pan2
if -f ~/.pan2/preferences.xml ]; then
if ! -f ~/.pan2/isrunning ]; then
echo $PW | encfs -S ~/Dropbox/News ~/News
unset PW
touch ~/.pan2/isrunning
pan
rm ~/.pan2/isrunning
fusermount -u ~/News
fusermount -u ~/.pan2
else
zenity --warning --title "Error" --text "Pan is already
running on another system."
fusermount -u ~/.pan2
fi
else
zenity --warning --title "Error" --text "Incorrect password
entered."
fi
Since I’m the only one who uses the machine, having the password
displayed in the process list isn’t a big concern for me. You can see
that since I sync the path to another system, I set a semaphore file to
let the other machine know pan is running somewhere else.
>
> Let me put it this way, Carlos: I want the application to start and
> prompt me with my user password each time it starts (how can you do that
> using kdesu -u myuser -c /usr/bin/rednotebook…maybe? it doesn’t work
> though…). Is that possible? It should, it’s Linux, FFS
No way. You have to modify the source code of that application. Or, you
can create a script that requests a password and then starts the
application - however, if the other person just calls the application
directly, he will not be prompted.
You can then change the name of the application. But then, as the
wrapper script has to be readable, that person can of course read the
script and find out.
If you want safety, you have to use Jim’s method.
–
Cheers / Saludos,
Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)
OMG, it’s so intricate…so there’s no way to do it, apart from Jim’s method? I’m disappointed, really. I mean, if Linux is so secure, why can’t I just double-secure my applications? Maybe I want some desktop apps to be run with password-requests (as in kdesu), why isn’t that possible?
