Within his own home directory, no problem. chmod requires sudo IF used on folders/files not owned by the user.

If one is unsure of this, try it on a selected folder or file only, then log out and log in as another user and see if you can view the folder/files so changed.

or you could just open dolphin and go to / (root) then /home>right click your /home/you(where "you" is your user name) folder>click properties>click the permissions tab and under "others" change to "forbidden" no need for kdesudo YOU own it .

VINNY

It does when the user running chmod is not the owner of the file(s), otherwise it doesn't

I'm fairly sure that doesn't work...last I checked chmod can't change ownerships (only permissions), you need 'chown' to change ownerships

Corrected. Thank you.

I did it with this command + the reconfigure command and now I have the lightdm as a default display manager.

One last question on that issue. When I installed the lightdm I got this message on the konsole
"The following packages cannot be authenticated"
and then this one
"install these packages without verification"

What does it mean ?

This thread is really helpful. I always want to find a good way to lock a folder. Thanks, really.

I'm coming in late on this thread, but I use GreyGeeks method of just saving the file to a flash drive, but I don't encrypt it. When not in use, just simply remove the flash drive. You can't get any simpler than that.

Seriously, just try my way with the encfs service menu for Dolphin. It's a infinitely more secure, and no risk of losing a flash drive, somebody using it by mistake or dying. Flash drives tend to die a lot more frequently than standard HDDs. Then again, our motto on these forums is, "Use what works for you."

Not to sound condescending but why the f**k would you do that? It just seems computationally intensive and just perfect for something to go wrong. It's a really cool, and novel idea but it's just a bit weird. Seriously, there are so many easier, faster and more powerful solutions available. Encfs + service menu leaves you with a super easy to use, fast, and ultra secure encryption method to keep your data safe.

The only reason I could think to do your method would be split it and then encrypt the data. You could use it as a way for two party authentication i.e. two parties are needed to read the data while not trusting either party individually. Perfect way to stop a rogue employee stealing trade secrets, but you should always default to encryption to keep data safe above all else.

In a similar yet contrary vein... Why administrative passwords will never be like nuclear missile launchers.

I most definitely agree but I have l prefer to not leave too much power in the hands of a single person. I think for the example I used the solution is actually very clever. Although a sys admin as stated in your article should be inherently trusted, you can always apply the idea that one sys admin is always untrusted, and two working together is trusted. It's a very good approach for highly sensitive things. I do believe though that it is way overkill for 90% of use cases but it would prevent things like http://www.thewhir.com/web-hosting-n...n-2700-servers to an extent. Division of duties and responsibilities is really important for a reason. I'm not saying the solution is always practical, more often than not, it isn't, but for highly sensitive stuff it should be used. Also, at someplaces I've been they have a sys admin who only really has privileges on the mail side, another only on some of the database backends. For small companies you are left with little flexibility but bigger organizations can most definitely afford the expense in exchange for enhanced security. As a whole though, your analysis of the situation is spot on but I do think that there to ere on the side of caution is always best.