locate knows about files on my encrypted partition
Bug #113312 reported by
Thomas Zander
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
slocate (Ubuntu) |
Invalid
|
Wishlist
|
Unassigned |
Bug Description
I was surprised to see that using /usr/bin/locate I got results from a partition that is only readable by my user and actually is an encrypted partition (openLuks).
I was under the impression that the updateDb application would run as 'nobody' which means it would not read my homedir if I would make it read only for my user. Which is what I did with my homedir as well as the /mnt/private partition. (its got a chmod 700 1000.1000)
I mention the encryption here since I consider it a security vulnerability that a full index of an encrypted partition is stored on an unencrypted partition.
To post a comment you must log in.
Partitions that should not be indexed can be added to /etc/locatedb. conf's PRUNEPATHS variable. In the future, it would be nice to have some kind of PRUNECRYPT=1 setting as well.