I thought about the question some more.
There are filesystem-specific ways to create the possibility of truly hidden files, of course, but I'm not at all interested in exploring those. However, there is a different approach, a variant, that might suit your needs.
You could achieve a similar effect by intercepting only the open
syscall (extending the existing one, to be precise). If the opened file resolves to a nonexisting file, but the directory and the file name match, instead of failing you construct a special path to the "hidden" file, and open that instead.
The existing file would then be a perfectly normal file, just actually somewhere else. Of course, you can put it in a root-only accessible directory (drwx------ root:root
), and omit the access security check when opening it, to make it "hidden".
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…