How can I prevent a user from copying files to another hard drive?

You can disable USB storage on Linux by blacklisting the module.

modprobe -r usb-storage
echo blacklist usb-storage >> /etc/modprobe.d/10-usbstorage-blacklist.conf
echo blacklist uas >> /etc/modprobe.d/10-usbstorage-blacklist.conf

If your users have physical access to the machine, and know the encryption keys, the game is up no matter what you do software-wise.

My suggestion would be to limit the access to physical interfaces of the machine. Lock it inside a box, and only let users interact via a keyboard, mouse and screen.

You should also note that you can't stop a user from copying something. Worst case? Take up the phone, and take pictures of the screen as they sift through the files. Data loss prevention should in my opinion be targeted at stopping accidental copying to untrusted devices.
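An added example, not part of the answer above: a `blacklist` line only stops automatic loading by alias, so an explicit `modprobe usb-storage` by root still works unless an `install <module> /bin/false` override is also present. The script below audits a modprobe.d-style directory for both cases; the function names `module_state` and `audit` are hypothetical, and only the directory passed in is scanned.

```shell
#!/bin/sh
# Added example: audit modprobe.d-style config for USB mass-storage blocking.
# modprobe treats '-' and '_' in module names as equivalent, so normalise both.
# Assumption: only DIR is scanned; other modprobe.d locations are not checked.

# module_state DIR MODULE -> prints hard-blocked | blacklisted | unrestricted
module_state() {
    dir=$1
    want=$(printf '%s' "$2" | tr '-' '_')
    state=unrestricted
    for f in "$dir"/*.conf; do
        [ -f "$f" ] || continue
        while read -r kw name rest; do
            name=$(printf '%s' "$name" | tr '-' '_')
            [ "$name" = "$want" ] || continue
            if [ "$kw" = blacklist ]; then
                # blacklist alone never downgrades an install override
                if [ "$state" = unrestricted ]; then state=blacklisted; fi
            elif [ "$kw" = install ]; then
                case "$rest" in
                    /bin/false|/bin/true) state=hard-blocked ;;
                esac
            fi
        done < "$f"
    done
    printf '%s\n' "$state"
}

# audit DIR [MODULES_FILE] -> one report line per module; returns 1 unless
# both modules are hard-blocked and absent from the loaded-module list.
audit() {
    dir=$1; loaded_list=${2:-/proc/modules}; rc=0
    for m in usb-storage uas; do
        st=$(module_state "$dir" "$m")
        under=$(printf '%s' "$m" | tr '-' '_')
        if grep -q "^$under " "$loaded_list" 2>/dev/null; then ld=yes; else ld=no; fi
        printf '%s config=%s loaded=%s\n' "$m" "$st" "$ld"
        if [ "$st" != hard-blocked ] || [ "$ld" = yes ]; then rc=1; fi
    done
    return $rc
}
```

On a live system, `audit /etc/modprobe.d` prints one line per module and exits non-zero if either module can still be loaded or is already loaded.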


Client-server architecture

This is another approach that could make copying files much harder, but it requires investing more effort from your side.

Access to the information could be set up on a client-server architecture basis with information being stored in a database (such as MySQL or PostgreSQL) on a remote server in a secure location.

Then, provide access stations which would run a client application that retrieves information from the server and displays it to users.

So, instead of letting users access the information directly, you feed it to them.

You can make it harder for users to copy the data by limiting capabilities of the desktop environment, disabling USB ports, etc. Also, your app could display the information as an image as opposed to text, but this depends on whether or not this is appropriate from a usability aspect.

But all this assumes that the only hosts that can access the database are locked-down client stations that you provide for users and that they are in a controlled environment so that they cannot tamper with access stations or plug their own devices into the network.

Whether or not this is a good approach for your use case depends on your threat model, and how much effort you are ready to invest into this.


In addition to blocking USB (see other answers above):

Disable networking, because...

  • ... otherwise a user will use remote access to your machine, e.g. via scp or ftp, and copy files from your machine.
  • ... otherwise logged-in users will be able to transfer files via the network from your machine to some other machine via scp, ftp, samba, http.