ecryptfs: keyring is not cleared on logout
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ecryptfs-utils (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: ecryptfs-utils
On a fresh Ubuntu 9.10 install with ecryptfs-enabled home directory the .Private directory is unmounted on logout, but the keys are not cleared from the keyring. This enables a user with admin rights to "su - <username>" into the account and access the files, while the user might believe they are locked away.
Steps to reproduce:
1. set up ecryptfs home directory for user "foo"
2. login as "foo" with password, files are unlocked, .Private is mounted
3. logout, .Private is unmounted
4. from a different admin account "admin": "sudo su - foo", give admin's password, password for foo is not asked
What happens:
.Private is mounted, the files are unlocked and accessible.
What is expected:
admin should only see the encrypted files in .Private. This is what happens if foo called "ecryptfs-