You can access the files by running dolphin with admin privileges:
hit alt-f2 to bring up krunner, and enter "kdesudo dolphin". In a livecd session, it won't ask for a password. In a normal session, it will.

If you reinstalled, and used the exact same username as before, you will be able to access the files normally afterward. This is one reason many of us recommend creating a separate /home partition when setting things up, so that you don't have to worry about permissions and all that.

I did what you said with a live CD and it worked. But I'm just wondering, if anyone can get access to my locked folders like that without a password then what all these system permissions are good for ?
By the way, How do you do it from Ubuntu live CD ?

You say, when reinstalling the system I would have to use the exact same user name. But what if I reinstall on a different machine. Right now I'm using a Dell computer - Vostro-270. When I installed Kubuntu I wrote my user name and Kubuntu attached it to the PC name and now it something like that " username-Vostro-270".
So, in this case what would be the user name I should use ?

About /home partition, I don't even use the /home folder... all of my data is on /media. Is that ok ?

any one with physical access to a computer can do whatever thay can ,,,, the permissions keep your "RUNNING" system secure and safe .
you would half to have your system encrypted to prevent easy access to your files if someone can have physical access to it .

the same way but with "gksu" and nautilus


then it is a completely new setup and you can do whatever you like .

just so we are not getting confused about the details ,,,(and computers are all about the details) open a terminal wile you are loged in as you and type ,,,,copy and paste the output hear.


which "Media" the one in your home partition ,,,,or in root......... you rote the root one /media ,,,,,,,but their may be a media in your /home/you as well ,,,,,,,,,,,,,,,,,,if the / one then you are filling your system partition with your data and not using the /home partition.

VINNY

I usually move the old hard drive to the new PC. So in this case, would it still be a new setup for the system permissions ?



AS you can see, it's /media but it is not on the system partition. One folder is on a different partition on the same HD as the system and the other is on a different HD.
I've never used /home and I don't really understand why people use it.

sory ,,,,,,I am a busy old man and will respond to a post then never find it agin ,,,,,,,your PM prompted this

.................................................. .................................................. .................................................. ...............................................


if your moving your hard drive to a new box you could try just firing it up ,,,,it may just work.

IF you reinstall the system after transferring it to the new box AND use the same user name "ron" files owned by ron on other partitions (the one you reinstall to will be wiped )or HD's from the old install should still be accessible ,,,,,if not that can be fixed with the "chown" command.

people use the /home/you because it is their for you for the purpose of keeping all your stuff in one place + you do use it whether you know it or not ,,,,,,,all your user defined configurations are stored their in the hidden . files .

I used to keep /home on a separate partition so all my data would not fill up the system partition ,,,,,,,,but now I have 5 OS's on this box and having separate /home partitions for all 5 is a bit much ,,,,,,,,SO now I just install the hole shebang to the one partition 50GB or so ,,,,,,and then link all the common home folders (Documents Downloads Music ect ,ect ,ect ) to their counter parts on a TB storage drive ,,,,,,this way my data is accessible from all OS's and anything I put in them uses the space on the TB drive .

like this


VINNY

Sorry if I've missed the point, but the purpose of permissions and ownership is to create basic filesystem security - to prevent unauthorized or accidental access to one's files in a controlled environment. Unlike the typical Windows environment, if I boot up and log in as my user, all the other users' files aren't instantly accessible. I need the root password or the user's password - basic security. Booting to a live CD bypasses much of this basic security because it introduces a new root password and a new set of users. If you are looking for security beyond basic security you need to do a lot more than a default install.

For example, when you do a new install of Kubuntu, the first user automatically gets user 1000 (ownership is numerically based, the names you use are mere aliases). When you boot to a live CD/USB guess what? The default user is 1000. Thus you automatically have access to the installed user's files on the hard drive. If this is a problem, disable CD/USB booting in BIOS and use a strong password to lock down the BIOS settings. Change your user ID to a number outside the reach of the default liveCD environment and you added some security - but only a little.

Think of it like your credit card (filesystem) and your wallet (computer). As long as I have no access to your wallet, your credit card is totally safe. As soon as I get your wallet in my hands (by booting to a liveCD/USB), I have your ID (user number) and your credit card is all mine. Keep your wallet in your possession and you have little to worry about.

Using an encrypted filesystem (like a PIN on your credit card) will help prevent this as will other steps, like changing defaults user id numbers and removing insecure functions like USB booting. However, if I get my hands on your wallet the game has changed. Preventing physical access is the only way to prevent this level of access. File ownership and permissions don't and are not intended to secure you from that.

Reading a bit more, it also seems like you're a bit unsure of how filesystems work and the purpose of mount points. /home is used to segregate files that belong to users away from files that belong to the system. /media (currently and usually depending on distro of choice) is used for file systems that are transient like plug-able devices, CD's, etc. But these are defaults, not really rules. You - as the owner of the system - can change any of this if you like. Personally, I would advise against it. /home and /media along with all the other default locations for files are so we (and the system) have a known place to go when we're looking for a thing. You can certainly use /etc for your home folder, but don't complain when your settings get overwritten because the programmer of a certain application used the default locations for things and you did not.

For me; having users' file in /home makes for an easy backup. Backing up /home means I've backed up all users file - no thought required. Sticking in a USB drive and searching for the files is easy - it's in /media and under my username. I can change that, but I wouldn't because I can't see any advantage to doing so.

Now large amounts of media type files and a multi-boot system? Great example of why you would do something a little different. I use a /data mount that holds music, pictures, docs, etc. and I mount it under my /home directory in all my installs. That way I don't have to move large amounts of data between installs or duplicate stuff across installs. But I wouldn't use a default system folder for that purpose. That could only lead to disaster.

OK, I get it now.

A few more things though
The reason I'm using /media... for my personal files is that these were the default settings when I installed my system. This is where the system put my HD and partitions in the first place and there was no easy way (GUI) to change it to /home.

All I had to do was to decide how do I want it to mount on system settings




I get it that it is easier to backup all data when it's on /home but it's not a big deal to do it from /media as well.
The only thing is that my programs settings (like firefox) are on /home and since /home is on the system partition it might all disappear if the system won't boot one day.
I backup my system on an image file from time to time but it's not something I do every week.

As for encryption. How does it work in terms of computer resources (CPU and memory usage) ?

Can encrypted folder protect my files against ransomware

Using /media for personal data files (like docs, pics, whatever) is not likely going to cause any issues, but your home contains a lot more - like settings, configurations, etc. IME, I've never seen an installer use anything other than /home and it's subfolders as the default location for personal data files. /media is the default mount point (along with your username as a subfolder) for removable devices like CDs, thumb drives, etc.

As far as "ransomware" or viruses - in practicality there are none for linux. In theory they exist but anyone who tells you you can easily get one is spreading FUD. Don't install programs from unknown sources and don't run your system as root and you're 99.9% safe. To my knowledge, "ransomware" is a scheme where a criminal installs encryption on your data remotely via a virus and then makes you pay to unlock it. Besides that fact the virus wouldn't work, you'd have to give the process your root password too. Want to type your root password here on the forum? I doubt it, but even if you did the risk is small because someone would have to find you and gain control to enter it on your system.

Rootkit may be a real concern, but rkhunter installed and configured will prevent that.

Having said all that, encryption isn't defense against a virus. If you're logged in, your files aren't encrypted because you had to unlock the encryption to log in. Encryption protects your files from unauthorized access when you're not logged in.

Finally, I always have to point out that reality is the overriding consideration when developing a security plan. A solid firewall, strong passwords, and backing up your data will cover more than 99% of the security the average person really needs. You're not Google or Target or a bank. There aren't any teams of hackers out there trying to break into your system.