Encrypted private directories are mounted automatically, should be easier to mount/unmount

Bug #404513 reported by Zoubidoo
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ayatana Design
One Hundred Papercuts
ecryptfs-utils (Ubuntu)
mountall (Ubuntu)

Bug Description

At present, encrypted Private directories are mounted automatically, but it is good security practice to mount them only on demand. The ability to easily unmount and remount the Private directory would significantly improve control over confidential information. At present unmounting the Private directory requires dropping into the command line.

Use case:
Alice stores confidential documents in the encrypted Private directory. Alice and Bob are working together on a project where they both work on Alice's computer. Before Bob joins her Alice unmounts her private directory using the gnome-panels disk mounter. Unexpectedly Alice needs to take a phone call leaving Bob at her computer, but she is not worried about her confidential documents because her Private directory is unmounted.

Possible places to allow mounting/unmounting of private directories:
* Places menu
* Nautilus sidebar
* Gnome-panels disk mounter

Zoubidoo (zoubidoo)
visibility: private → public
Revision history for this message
Chris Wilson (notgary-deactivatedaccount) wrote :

Thanks a lot for reporting this, however I am invalidating it as a paper cut as encrypting individual directories is a task that the average user is unlikely to be carrying out during their day-to-day computing habits. I have however notified the Ayatana project of this idea.

Changed in hundredpapercuts:
status: New → Invalid
security vulnerability: yes → no
Revision history for this message
Dustin Kirkland  (kirkland) wrote :

From the ecryptfs-utils side, there is support for configuring this by touching or removing two flags, ~/.ecryptfs/auto-mount and ~/.ecryptfs/auto-umount. So I'm going to invalidate the ecryptfs-utils task.

I see your point, though it would be considerable effort to go through and hook all the places that might need to dynamically mount and unmount private. Doesn't seem very practical, but that's just my opinion.

Thanks for the idea.

Changed in ecryptfs-utils (Ubuntu):
status: New → Won't Fix
status: Won't Fix → Invalid
Revision history for this message
Steve Langasek (vorlon) wrote :

This is not related to mountall. Mountall only handles mounting of filesystems specified in /etc/fstab, so has nothing to do with ecryptfs.

Changed in mountall (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers