ecryptfs-verify does not check permission of wrapped-passphrase

Bug #1156672 reported by Nobuto Murata on 2013-03-18
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
eCryptfs
Undecided
Unassigned

Bug Description

currently ecryptfs-verify script does not check permission of wrapped-passphrase.

one possible situation of mistaken permission of wrapped-passphrase is:
 * a user forgot his/her password
 * an admin reset user's login password
 * the admin also created new wrapped-passphrase with stored passphrase and new password by ecryptfs-wrap-passphrase
 * the admin forgot to change permission and left owner of wrapped-passphrase as root:root

then the user cannot read wrapped-passphrase and fails to mount ecryptfs.

It would be helpful if ecryptfs-verify also checks permission of wrapped-passphrase.

ecryptfs: 103-0ubuntu2

Related branches

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers