Can you really hide a GPT partition?

User discussion and information resource forum for BootIt Bare Metal and BootIt UEFI
dnlathrop
Posts: 47
Joined: Sat Sep 01, 2012 10:21 pm

Can you really hide a GPT partition?

Post by dnlathrop »

A few threads have discussed this problem but I did not find an answer.

With BIU, I have installed two Linux OS with one root partition for each. Limit Primaries is not set. In Boot Edit, in the GPT Details window I marked each of their root partitions hidden to the other OS. The slot is locked for one; not locked for the other.

When I boot either OS, the root partition of the other OS is visible and can be mounted, its files read, modified, etc.

I would like to hide one OS partition from the other. By "hide" I mean prevent its files from being seen or accessed. It appears this is not possible with BIU, or did I do something wrong?
TeraByte Support
Posts: 3596
Joined: Thu May 05, 2011 10:37 pm

Re: Can you really hide a GPT partition?

Post by TeraByte Support »

You can confirm it's hidden by using a partinfo listing and checking the
GUID type of the partition. But if you have some distro or version of
a utility that ignores partition types and just tries things like
mounting on any type, then you can't stop it (we don't remove from the
table with GPT because there should be no reason too, and it makes it
easier for others to not have to worry about changing partitions).

Maybe we'll add an advanced option to take it out of gpt. I thought linux
mounting was tested when hidden, but can't remember the details or
distro used, don't have it handy to test right now.

On 5/6/2020 5:47 PM, dnlathrop wrote:
> A few threads have discussed this problem but I did not find an answer.
>
> With BIU, I have installed two Linux OS with one root partition for each. Limit Primaries is not set. In Boot Edit, in the GPT Details window I marked each of their root partitions hidden to the other OS. The slot is locked for one; not locked for the other.
>
> When I boot either OS, the root partition of the other OS is visible and can be mounted, its files read, modified, etc.
>
> I would like to hide one OS partition from the other. By "hide" I mean prevent its files from being seen or accessed. It appears this is not possible with BIU, or did I do something wrong?
>
>
dnlathrop
Posts: 47
Joined: Sat Sep 01, 2012 10:21 pm

Re: Can you really hide a GPT partition?

Post by dnlathrop »

TeraByte Support wrote:
> You can confirm it's hidden by using a partinfo listing and checking the
> GUID type of the partition.

I was not able to find what I needed to decipher the GUID type. Partinfo reported different types for the two root partitions (one not hidden and the other I marked to be hidden):
partition 1 = {0FC63DAF-8483-4772-8E79-3D69D8477DE4}
partition 3 = {6F422ADF-746F-7449-2048-696464656E2A}

Partition 3 is supposed to be hidden.

I am running Linux Mint. Everything I have tried (nemo, gparted, a file manger I wrote, mount) can see the "hidden" partition and mount it with no difficulty -- not even a warning it is somehow different. The hidden feature in BIU is ineffective.

I am puzzled why you concluded there should be no reason to remove from the table any partition marked to be hidden. I would think this situation demonstrates sufficient reason.

I would appreciate knowing what are your current thoughts on this. Do you think it likely you will change things to truly hide partitions? If not, it may be worth the effort to return to BIBM and legacy booting since I do not use Windows.
Brian K
Posts: 2213
Joined: Fri Aug 12, 2011 1:11 am
Location: NSW, Australia

Re: Can you really hide a GPT partition?

Post by Brian K »

dnlathrop,

For what it's worth, Hide does work with Windows OS. NTFS and FAT partitions can be hidden.
dnlathrop
Posts: 47
Joined: Sat Sep 01, 2012 10:21 pm

Re: Can you really hide a GPT partition?

Post by dnlathrop »

Brian K wrote:
> dnlathrop,
>
> For what it's worth, Hide does work with Windows OS. NTFS and FAT
> partitions can be hidden.

Hi Brian,

Thanks for the reply. The feature is worth something to those who use Widows, which is the majority. For those who use something else, and I know you are one of them, it's woefully inadequate.

I guess TBU's silence in response to my question speaks volumes -- we should not hold our breath waiting for something to address this situation.

It is unfortunate. I migrated to UEFI because I thought it would be best to stay current with advancing technology. The migration was not as easy as I thought it would be. A lot of problems and complexity for no apparent benefit; educational but not worth the effort.
Brian K
Posts: 2213
Joined: Fri Aug 12, 2011 1:11 am
Location: NSW, Australia

Re: Can you really hide a GPT partition?

Post by Brian K »

Hi dnlathrop,

Maybe I'm missing your point but if you don't mount a Linux partition it is as good as being hidden. Is that correct or not?

As you mentioned, a BootIt Hidden partition Type is {6F422ADF-746F-7449-2048-696464656E2A} and TeraByte Support said, "But if you have some distro or version of a utility that ignores partition types and just tries things like mounting on any type, then you can't stop it".
AGH1965
Posts: 85
Joined: Sat Jul 09, 2016 1:36 pm
Location: Netherlands

Re: Can you really hide a GPT partition?

Post by AGH1965 »

Brian K wrote:
> For what it's worth, Hide does work with Windows OS. NTFS and FAT
> partitions can be hidden.

Not really. Hidden NTFS and FAT partitions are clearly visible in Windows. The only thing you can't see is their contents.

For what it's worth: I would really appreciate BIU having true partition hiding, i.e. in the way BIBM did with partitions you left out of the MBR slots.
tas3086
Posts: 316
Joined: Mon Mar 19, 2012 6:15 pm

Re: Can you really hide a GPT partition?

Post by tas3086 »

I would suggest that a completely hidden partition would not be easily viewed/encrypted by some intruder/hacking mechanism. Mountable partitions would be easily discover-able and subject to intrusion. Truly hidden adds an extra level of security. I'd vote for a more hidden option.

Nothing is perfect, as the total disk is accessable by everyone, so keep your backups offline.
dnlathrop
Posts: 47
Joined: Sat Sep 01, 2012 10:21 pm

Re: Can you really hide a GPT partition?

Post by dnlathrop »

Brian K wrote:
> Hi dnlathrop,
>
> Maybe I'm missing your point but if you don't mount a Linux partition it is
> as good as being hidden. Is that correct or not?

Hi Brian,

In my view, a partition that is visible but not mounted is not as secure from harm as a partition that is truly hidden in what would appear to be unallocated space.

By harm, I do not mean preventing destruction. It is true that in either of those situations the partition can be destroyed maliciously or inadvertently. What I mean by harm is its contents being accessed and even modified by an unauthorized user or program.

There is more than a little irony here. BIU provides facilities for setting up protection against unauthorized booting of an OS so if I wished I could prevent (or at least make more difficult) a user from booting an OS through BIU; however, I cannot prevent that user from mounting and accessing that OS partition from another OS he is allowed to boot.

In my particular case with a single-user machine, my concern is possible harm arising from an inadvertent (stupid) operation on my part or harm from spyware/malware as tas3086 suggested.

These are not high-probability events but the potential harm could be enormous.

EDIT: I had a thought after I posted this. There is a way to restrict access to a partition and that is to put an entry in the fstab file with restricted permissions that prevent mounting by an ordinary user. But it does seem more than a bit odd to define a partition in fstab that you want to keep hidden, and setting up a directory and mount point you don't want used.
Eugene
Posts: 1
Joined: Tue Feb 09, 2021 7:54 am

Re: Can you really hide a GPT partition?

Post by Eugene »

Hello! Can anyone help with hiding a drive, so it is not visible in other windows installation 'Disk Management'? I am testing a demo BIBM in Oracle VirtualBox, and can not get the drive NOT to show up in 'Disk Management'. Tried last version and version 1.11 of BIBM, with Vista 32. I created one additional (empty, formatted) virtual HD, and put the 'hide' flag on it in 'Boot Edit' and in 'Partition Work', tried with 'Limit Primaries' option unchecked and checked. Thanks in advance!
Post Reply