How to create hidden files in Linux?

Question

In my program, I have to make a file hidden in order to avoid removal or modification of the file.

PATH=/etc/
NAME = file

Is there a function in C that will allow me to do that?

Answer 1

You can just add a . to the front of the file name. Having said that if your goal is to not allow modification of the file change the permissions to something that can't be modified. Something like:

chmod 444 fileName

Answer 2

First: others argue with security arguments here. For those: Hidden files have nothing to do with security nor will it prevent somebody from deleting a file if he has propper permission and wants to do that.

Hidden means only that tools like ls, bash globs or a graphical file managers will not display the files with their default settings. This can be useful to prevent from accidents (see explanation below) or just to keep directory listings more clean. You may try the commands ls -l $HOME and ls -al $HOME in order to see the differences.

On GNU/Linux systems and UNIXs it is by convention that files which's name begins with a dot . will not being displayed by default meaning they are hidden. Like $HOME/.bashrc

Solution: Prefix the file name with a dot:

.file

---

About accidents. Hiding a file can prevent you from accidently removing it when you type something like:

rm *

The glob above will not list hidden files so they won't get deleted.

Answer 3

In LINUX Hidden file are start with .(DOT)

if you create files with starting .(DOT), those files are hidden.

You can use chmod to set permissions to the file.

if you set only read only then those cannot be modified in program

chmod 444 filename

if you want to use this from C-language use system() function to execute this command

if You use simple ls -alF you can see those files.

the below files are hidden files In LINUX

-rw-------  1 root root   27671 Sep 17 11:40 .bash_history
-rw-r--r--  1 root root    3512 Jul 23 16:30 .bashrc

Answer 4

There are no hidden files on Linux. Some tools don't show files starting with . as others already mentioned.

Anyway, you can experiment with putting control characters like new-line into the filename. See Control characters in filenames are a terrible idea:

Some control characters, particularly the escape (ESC) character, can cause all sorts of display problems, including security problems. Terminals (like xterm, gnome-terminal, the Linux console, etc.) implement control sequences. Most software developers don’t understand that merely displaying filenames can cause security problems if they can contain control characters. The GNU ls program tries to protect users from this effect by default (see the -N option), but many people display filenames without getting filtered by ls — and the problem returns. H. D. Moore’s “Terminal Emulator Security Issues” (2003) summarizes some of the security issues; modern terminal emulators try to disable the most dangerous ones, but they can still cause trouble. A filename with embedded control characters can (when displayed) cause function keys to be renamed, set X atoms, change displays in misleading ways, and so on. To counter this, some programs modify control characters (such as find and ls) — making it even harder to correctly handle files with such names.

Answer 5

Your requirements are a bit vague: the program creates a file, wants to prevent its removal or modification. Do you expect other users (of your program? in general?) to be able to read it, but not find it easily, or modify or delete it?

Keep in mind that Unix-like systems don't really do hidden when the resource involved needs to remain visible (readable, presumably), as others have noted. Prepending a '.' to a file name helps in some important contexts (default ls(1) behavior and shell * globbing in particular) but only goes so far. But a few techniques might help obscure what and where your app is saving things, if that matters.

Consider two users doing some shell commands like the following in a directory with its sticky bit set (say /tmp). (Sorry to not write C, but I think the scenario is easier to demonstrate out in the shell.)

As Bob:

$ umask 066
$ mkdir /tmp/.hidden
$ umask 022
$ echo xyzzy > /tmp/.hidden/mysecret.txt
$ ls -la /tmp/.hidden
total 28
drwx--x--x  2 bob  users 4096 Sep 17 11:19 .
drwxrwxrwt 27 root root 20480 Sep 17 11:26 ..
-rw-r--r--  1 bob  users    6 Sep 17 11:19 mysecret.txt

As Alice. Notice that attempts to search in /tmp/.hidden fail, but if she knows the name of a file in a directory with only execute but not read permissions set, she can read the file. She can't do much to mess with /tmp/.hidden, once it's properly created. If she'd been forced to guess the name of the secret file, that could also be a challenge depending on how the name is created.

$ ls /tmp | grep hidden
$ ls -a /tmp | grep hidden
.hidden
$ file /tmp/.hidden
/tmp/.hidden: directory
$ ls /tmp/.hidden 
ls: cannot open directory /tmp/.hidden: Permission denied
$ echo /tmp/.hidden/*
/tmp/.hidden/*
$ file /tmp/.hidden/mysecret.txt
/tmp/.hidden/mysecret.txt: ASCII text
$ cat /tmp/.hidden/mysecret.txt
xyzzy
$ rm -f /tmp/.hidden/mysecret.txt
rm: cannot remove '/tmp/.hidden/mysecret.txt': Permission denied
$ mv /tmp/.hidden /tmp/Hidden_No_More
mv: cannot move '/tmp/.hidden' to '/tmp/Hidden_No_More': Operation not permitted
$ rm -rf /tmp/.hidden 
rm: cannot remove '/tmp/.hidden': Permission denied

In this scenario, the presence of the hidden directory can be obscured, but ls -a reveals its name. Carefully chosen directory permissions prevent non-root and non-Bob users from listing or altering its contents. The use of a sticky-bit directory like /tmp prevents non-Bobs from renaming or removing the "hidden" directory. Anyone who knows the name of the "secret" file within the hidden directory can read it. But only Bob and root can change these "secret" files or the "hidden" directory.

You can do all the above in a C program; equivalents exist as library and system calls - see things like chmod(2), mkdtemp(3), umask(2), the mode argument to open(2), etc.

Answer 6

If you use a kernel >= 3.11, you might want to try the O_TMPFILE-flag. This kernel have been released on the 14.09.2013. Debian Jessie uses Kernel 3.16. so this feature should be available on all recent popular distributions.

The news about this sounds promising. The file will be unreachable from the outside. No other process or may access this file .. neither read nor write. But the file will be lost as soon as the handle gets closed. Or link it to a regular file. But then, it will be accessible as any other file.

If this is not an option for you (e.g. your file needs to be persistent): bad luck. There is no real "hidden" file in linux. You can hide your persistent files as secure as files on windows with the hidden attribute: prepend the name with a dot. As stated by others: ls -a will show them nevertheless.

Also, you can create a user specifically for your use and make the file read- and writable only for this user or put it in a folder, where only your user have rw-access. Other users may see this file but wont be able to access it. But if root comes along and want to look into it, you have lost.

Answer 7

Sure,you have to add '.' before filename and your file wouldn't be seen by user(except user will turn the hidden files show option on). You could change the attrybutes (chmod) to 755 and only user could rwx and others could rx.

Answer 8

hek2mgl - partially yes - it has. Try to remove via rm -rf * manner all of directory content. That's why for example .htaccess is hidden.