Keeping your files private from anyone but those with superuser (root) access is easy on Linux. File permissions provide everything you need. By default, you'll have a username and primary group assigned to your account, and you can use the chmod (change mode) command to control what anyone else can view or change.
(If permissions like "750" and "rwxr-x---" don't ring any bells for you, check out these posts for insights into how file permissions work on Linux: A deeper dive into Linux permissions and Unix: beyond group and everyone else)
Any time you request a long file listing with the ls -l command, you'll see lines like this:
-rw-r-----. 1 myacct admins 2088 Jun 26 recipe
The permissions should be fairly obvious, but this little diagram identifies how the permissions relate to various users:
-rw-r-----
^^ ^ ^
|| | |
|| | +-- everyone else has no access
|| +----- other members of the admins group can read
|+-------- you have read and write access
+--------- file type ("-" identifies a regular file)
Note that if you were to set permissions on a file to 044 (---r--r--), you would not be able to view the file even though you're clearly a member of the group.
$ ls -l dumfile ----r--r--. 1 myacct amins 9 Jun 13 10:41 dumfile $ cat dumfile cat: dumfile: Permission denied
You could, of course, change the permissions back to something more reasonable.
If you see a + sign at the end of the permissions string (e.g., -rw-r-----+), that means that other users beyond those included in the owner, group and other groups also have access to the file. The getfacl command can be used to provide the details. In the example below, John Doe has read and write access in spite of the fact that he is not a member of the admins group.
$ getfacl recipe # file: recipe # owner: myacct # group: admins user::rw- user:johndoe:rw- group::r-- mask::rw- other::---
Files can be easily shared with members of your primary group and even with anyone with an account on the system, though this will require that they have access to the file location as well as the files themselves. A file like the one listed below will be readable by anyone in the tech team (since they will have read access), but they will not be able to make any changes.
$ ls -l meeting_notes -rwxr-----. 1 myacct techteam 2534 Jun 11 meeting_notes
Note that it's probably best to store files to be shared with others in a directory other than your home directory.
Compressing files
Linux provides a number of commands for compressing files -- a good thing to do when files are fairly large and don't need to be viewed or modified very often. The shrinkage will depend on file content. Here's an example:
$ ls -l dict.mp4 -rw-r--r--. 1 shs shs 11215553 Mar 14 15:07 dict.mp4 $ gzip dict.mp4 $ ls -l dict* -rw-r--r--. 1 shs shs 8507802 Mar 14 15:07 dict.mp4.gz
The link below will take you to a post on compressing files.
How to compress files on Linux 5 ways
Password-protecting files
One very simple way to encrypt a file on Linux by adding a -x option to your vi or vim commands. This is a very easy way to keep the contents private without depending on file permissions – even from root. To create a passcode-protected file, use a command like this:
$ vim -x newfile
You will be asked twice to enter the encryption key. When you go to edit the file again using a command like "vim newfile", you will asked to enter the same key again. This command provides a very easy way to hide the contents of a text file without having to rely on file permissions.
More on encrypting files with vim (including how to reverse the process) is available at this link:
Using vim to quickly encrypt and decrypt files
Wrap-up
Linux commands make it possible to share files with everyone on the system, so be very selective about who can view them or hide their contents from everyone but yourself.