1

I want to hide the Windows drive in Ubuntu in Terminal and GUI, so that root cannot access it to modify the Windows disk (/dev/sda1/).

Szewczu
  • 33

3 Answers3

15

Impossible. The root user is by definition all-powerful. That includes the ability to both read from and write to all attached storage devices.

The best you can do is to encrypt the Windows partition, which would prevent everybody without a valid key from

  1. making sense of the information on that partition and
  2. manipulating its content without the possibility of detection.

What you probably want is a separation of privilege, where one or more users don't have super-user privileges but only a subset thereof.

David Foerster
  • 36,890
  • 56
  • 97
  • 151
5

You can unmount the Windows partition, and remove it from the list of partitions that will be automounted on startup.

I quote the section below from https://help.ubuntu.com/community/MountingWindowsPartitions:

Option 2 - to ensure that Ubuntu does not mount the partition and also disables graphical mounting from the file manager. For example, you may wish to ensure that recovery and system partitions are never inadvertently mounted and do not appear in the file manager. In this case you need to create a mountpoint in /mnt, not /media. Modify the line below (in /etc/fstab) with your UUID and mountpoint:

UUID=519CB82E5888AD0F  /mnt/Data  ntfs  noauto,umask=222  0 0

Note: with these mount options, the partition does not appear in the Devices list in the left pane of Nautilus (the Ubuntu file manager), but it still appears in Dolphin, the Kubuntu File Manager. Clicking on the partition in Dolphin causes the display of an error message. This solution is less elegant in Dolphin than with Nautilus, but the desired effect is achieved - the partition cannot be mounted.

Another way is to set the hidden flag for the NTFS/fat partition using GParted.

Note: This is assuming you just want to prevent casual access to the Windows drive by "hiding", but preventing strict access from the root user is not possible.

Peter Mortensen
  • 854
prusswan
  • 1,049
4

If you want to completely hide the drive, you can set a udev rule. For example, if your Windows partition is on /dev/sda2, you can add the following to /etc/udev/rules.d/99-hide-disks.rules(you may need to create the file).

KERNEL=="sda2", ENV{UDISKS_IGNORE}="1"

After that, simply reboot the machine.

Peter Mortensen
  • 854
Jujstme
  • 156