Inadvertent opening of encrypted dir
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
eCryptfs |
Incomplete
|
Medium
|
Dustin Kirkland |
Bug Description
I've found what I think is quite a significant bug in ecryptfs. I am a user who has auto-login enabled so it means that ecryptfs correctly (as designed) does not automatically mount ~/.Private/. I've discovered that any time you use "sudo" that your password get installed in the kernel keyring and your ~/.Private dir becomes automatically available to be mounted merely by (anybody) clicking on the standard "Access your Private data" link. No password/passphrase is then required to be explicitly entered to open your private dir. The same problem applies even if you don't use auto-login - you may think you have closed off private access with ecryptfs-
It is un-reasonable and dangerous that a typical naive user should have to be aware that he has exposed his private dir just because he did an sudo somewhere completely unrelated. There should be no correlation between sudo and this ecryptfs functionality.
I'm using ecryptfs-utils version 73-0ubuntu6 on jaunty.
security vulnerability: | yes → no |
visibility: | private → public |
This was fixed in ecryptfs-utils-74.
- pam_ecryptfs.c: don't try to unwrap key for users not using pam mounting
:-Dustin