CloakFS cloaks the file system and other system users, preventing users from seeing each other and accessing each other’s system files.
File System Cloaking
Shared hosting environments are susceptible to users snooping around the file system and looking at or changing things they shouldn’t. But now, CloakFS administrators can easily Cloak the file system, causing specified individuals and groups to see only their own files and necessary root-owned files. The processes and files of other system users are totally invisible.
Now that CloakFS is kernel-based instead of PAM-based, it will be much more user-friendly: no more PAM configuration, copying files, or preparing special file systems to hide files.
A kernel-based method also means automatic blocking of symlinks and all external methods for listing users’ home directories without having to address each method individually at higher levels. No more chasing down new or changed protocols.
Very shortly, CloakFS will also hide /etc/passwd/, named.conf, and system log files. It will also hide root processes from users and block programs with the suid flag set.