[SOLVED] I can access home folder on internal drive via live environment

Questions about Grub, UEFI,the liveCD and the installer
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
johnbeen

[SOLVED] I can access home folder on internal drive via live environment

Post by johnbeen »

Hi all,
I was really a bit surprised when I today booted a Linux Mint 19 live environment via a USB drive on my also Linux Mint 19 workstation. I didn't expect that I could access all my files on my internal system ssd via this usb live environment without any need for a password. I was a bit shocked so I tried this on my other desktop and my laptop, all being installed with Linux Mint 19, and on all systems I can access, without needing a password, all my files on the internal SSDs as well. I can even access the root folder and see the content. This means that everyone with a Linux Mint 19 usb stick can access my systems and just read and copy my data. This is not what I expected. How is it possible that on machines where I normally need to login via my user name and password to be able to access the system and my files, I don't have to do that if I just boot up via a usb live environment. Have I done something wrong during the installation of my machines?
Thanks in advance.

Kind regards,
John
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 2 times in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
WharfRat

Re: I can access home folder on internal drive via live environment

Post by WharfRat »

johnbeen wrote: Sun Dec 09, 2018 11:08 am Have I done something wrong during the installation of my machines?
You didn't do anything wrong during the installation.

If you're concerned about being able to access your system files then a full encrypted installation would prevent that without the password to unlock the LUKS container

If your only concern is the home folder then opting for an encrypted home will prevent that although it makes recovering data more complicated.

And you can encrypt both the system and the home folder during installation.

Otherwise being able to access your Mint installation from a live session is normal.
johnbeen

Re: I can access home folder on internal drive via live environment

Post by johnbeen »

Hi WharfRat, thanks for your quick reply.

So if I understand correctly everyone with a Linux Mint usb drive can access all my data on my internal drives when I don't use encryption. So even my password to sign in is of no value then if for example my laptop is stolen? The thief just plugs in a USB stick and can access all data.
It is clear now for me from your answer that being able to access your Mint installation from a live session is normal, but I doubt if everyone is aware of this.
Thanks again. I learn new things every day thanks to this great community.

Kind regards,
John
User avatar
Moem
Level 22
Level 22
Posts: 16226
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: I can access home folder on internal drive via live environment

Post by Moem »

johnbeen wrote: Sun Dec 09, 2018 11:33 am So if I understand correctly everyone with a Linux Mint usb drive can access all my data on my internal drives when I don't use encryption. So even my password to sign in is of no value then if for example my laptop is stolen? The thief just plugs in a USB stick and can access all data.
This is true. It's also true on machines that use Windows: boot them to a Linux live environment, and the data is yours for the taking. This is why some/many people encrypt their systems.
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!
redlined

Re: I can access home folder on internal drive via live environment

Post by redlined »

hi johnbeen and all!

Great topic! I thought setting a root password disallowed some access but a reread of the guide I often refer to tells me this is really only protection from say boot into recovery mode and as root shell can change user passwords and other mischiefs...

Besides encrypting home and/or whole OS another option may be Bios or UEFI passwords set for changing options and disk drive(s), this will give some simple protection by not even enabling the hard drive until password is entered.
johnbeen

Re: I can access home folder on internal drive via live environment

Post by johnbeen »

Hi all,
Thanks for all your input.
I had a discussion with other Linux users on this topic and indeed many of them are not aware of the "power" of a live environment in combination with a not encrypted installation. I have all my user data on external hard disks, so for me personally the problem outlined is not too big, but it could be for people who have everything on their laptop and use the standard folders such as Documents, Music and Pictures. So for them it is at least important to realize that under a standard installation of Linux Mint their data is not necessarily safe.
But the option to set a Bios or UEFI password is a great alternative.

Well for me all your input has become a nice topic for my website as I think it is important to inform novice Mint users.

Thanks.
gm10

Re: I can access home folder on internal drive via live environment

Post by gm10 »

johnbeen wrote: Sun Dec 09, 2018 2:01 pm I had a discussion with other Linux users on this topic and indeed many of them are not aware of the "power" of a live environment in combination with a not encrypted installation. I have all my user data on external hard disks, so for me personally the problem outlined is not too big
As was said, that's the same for all operating systems. If your data isn't encrypted on the drive, anything can read it from the drive. Seems self-evident to me but I suppose from a non-technical novice point of view it probably is not. Therefore let me point out that the same applies to your external disks. If somebody gets their hands on them and they are not encrypted, they are of course easily accessed.

On the same note:
johnbeen wrote: Sun Dec 09, 2018 2:01 pm But the option to set a Bios or UEFI password is a great alternative.
Easily defeated by pulling the BIOS battery or shorting the corresponding jumper on the motherboard, and also by simply removing your disk and accessing it from another device. In other words, this is not a security measure.
redlined

Re: I can access home folder on internal drive via live environment

Post by redlined »

johnbeen wrote: Sun Dec 09, 2018 2:01 pm Hi all,
Thanks for all your input.
I had a discussion with other Linux users on this topic and indeed many of them are not aware of the "power" of a live environment in combination with a not encrypted installation. I have all my user data on external hard disks, so for me personally the problem outlined is not too big, but it could be for people who have everything on their laptop and use the standard folders such as Documents, Music and Pictures. So for them it is at least important to realize that under a standard installation of Linux Mint their data is not necessarily safe.
But the option to set a Bios or UEFI password is a great alternative.

Well for me all your input has become a nice topic for my website as I think it is important to inform novice Mint users.

Thanks.
hi johnbeen!

Be sure to mention that for computers that allow easy access to mobo (eg. desktops and many laptops with cases that can be opened enough) the password resets to none by removing cmos battery or simple jumper (or dips switch) as well there may be other password recovery or reset options likewise trivial. For personal files protection mounting an encrypted drive where you've symlinked your common personal file storage directories (such as Documents, Downloads, Music, Videos, Pictures, but not recommended for Desktop) may be best safe storage advice then you avoid such encryption issues that sound common for Linux native encrypting /home and/or OS with LUKS (like bitlocker for windows). Tutorials for setting this up are common and I'll bet it is possible to have a script run to decrypt those user file storage spaces on bootup.

ps. care to share that link to your website?! Ima a novice Mint user, slowly growing out of my dangerous phase 8)
johnbeen

Re: I can access home folder on internal drive via live environment

Post by johnbeen »

redlined wrote: Sun Dec 09, 2018 2:39 pm hi johnbeen!

Be sure to mention that for computers that allow easy access to mobo (eg. desktops and many laptops with cases that can be opened enough) the password resets to none by removing cmos battery or simple jumper (or dips switch) as well there may be other password recovery or reset options likewise trivial. For personal files protection mounting an encrypted drive where you've symlinked your common personal file storage directories (such as Documents, Downloads, Music, Videos, Pictures, but not recommended for Desktop) may be best safe storage advice then you avoid such encryption issues that sound common for Linux native encrypting /home and/or OS with LUKS (like bitlocker for windows). Tutorials for setting this up are common and I'll bet it is possible to have a script run to decrypt those user file storage spaces on bootup.

ps. care to share that link to your website?! Ima a novice Mint user, slowly growing out of my dangerous phase
Hi redlined,
Thanks for your input.
My website is www.reallinuxuser.com
I always have been a mac user, but 3 years ago I made the complete switch to Linux and I am happy with that decision. In this complete new journey I found that a lot of Linux related websites were to much focused on the technical backgrounds of the distros and not on what you can actually do with it. I told a lot of my friends and colleagues about Linux but they also wanted to hear more about how to use it as a content creation environment. So that's why I started my website which is primarily focused on the great applications that are out there, but there is also a (almost finished) Linux Mint beginner course.
But a discussion like the one we have here can be nice awareness material for a Linux beginner website as well.
Thanks again.
HaveaMint
Level 6
Level 6
Posts: 1088
Joined: Fri Feb 02, 2018 9:56 pm

Re: I can access home folder on internal drive via live environment

Post by HaveaMint »

I just keep my sensitive files locked up in keepassxc. To me the sensitive files contain personal ID stuff (SS#, passwords and such)
"Tune for maximum Smoke and then read the Instructions".
redlined

Re: I can access home folder on internal drive via live environment

Post by redlined »

hi John! your site looks great, and bookmarked, and thanks for sharing!

one note: consider adding Easy Linux Tips project to your 10 Great Linux websites list :mrgreen:

(it is Pjotr's work (local fourm guru) and really makes simple the linux basics on up to some advanced stuff all specifically Mint, all flavors, with Ubuntu tips as well detailed. It's a great start point specific to Linux Mint versions and DE's

anyways, looks real good- I agree on the value of the conversation and I appreciate you starting it- I learned something again and that's always a bonus 8)
User avatar
JerryF
Level 16
Level 16
Posts: 6554
Joined: Mon Jun 08, 2015 1:23 pm
Location: Rhode Island, USA

Re: I can access home folder on internal drive via live environment

Post by JerryF »

Any live mint environment has root privileges, so that's why it performed as you found out.
Locked

Return to “Installation & Boot”