Ubuntu
ecryptfs-utils package

ecryptfs accidentally permits password-less logins

Bug #243361 reported by Jyrki Pulliainen on 2008-06-26

Affects		Status	Importance	Assigned to	Milestone
	ecryptfs-utils (Ubuntu)	Fix Released	High	Dustin Kirkland 

Bug Description

Binary package hint: ecryptfs-utils

Doing Private folder according to https://wiki.ubuntu.com/EncryptedPrivateDirectory rendered my /etc/pam.d/common-auth so, that it allowed login without password

The content of the common-auth

$ cat /etc/pam.d/common-auth
password required pam_ecryptfs.so
auth required pam_ecryptfs.so unwrap

So far I've managed to reproduce this every time when running `sudo ecryptfs-setup-confidental`. Passwordless login works both in
GDM and terminal. I'm running up-to-date Intrepid.

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2008-07-10:

Thanks for this bug report and for testing Ecryptfs!

This problem was a temporary issue with some scripts that were under development.

This problem is fixed in the latest version of ecryptfs-utils (50-1). ecryptfs-setup-confidential is no longer run under sudo privileges.

See the updates to the testing section of the spec wiki page:
* https://wiki.ubuntu.com/EncryptedPrivateDirectory

Thanks!
:-Dustin

Changed in ecryptfs-utils:
assignee:	nobody → kirkland
importance:	Undecided → High
status:	New → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuecryptfs-utils package

ecryptfs accidentally permits password-less logins

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
ecryptfs-utils package