eCryptfs

Overview
Code
Bugs
Blueprints
Translations
Answers

insecure passing of passwords on the command line

Bug #295511 reported by Tristan Hill on 2008-11-08

This bug report is a duplicate of: Bug #287908: ecryptfs-setup-private potentially exposes passwords in the process table. Edit Remove

Affects		Status	Importance	Assigned to	Milestone
	eCryptfs	New	Undecided	Unassigned

Bug Description

Passing the mount password and login password on the command line is insecure on systems were this is viewable with ps. This is done in at least ecryptfs-setup-private, and required by at least ecryptfs-wrap-passphrase and ecryptfs-add-passphrase. Accepting the password on standard input is normally preferred.

Originally from http://sourceforge.net/tracker/index.php?func=detail&aid=2125165&group_id=133988&atid=728799

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #287908 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.