ecryptfs-verify does not check permission of wrapped-passphrase
Bug #1156672 reported by
Nobuto Murata
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
eCryptfs |
New
|
Undecided
|
Unassigned |
Bug Description
currently ecryptfs-verify script does not check permission of wrapped-passphrase.
one possible situation of mistaken permission of wrapped-passphrase is:
* a user forgot his/her password
* an admin reset user's login password
* the admin also created new wrapped-passphrase with stored passphrase and new password by ecryptfs-
* the admin forgot to change permission and left owner of wrapped-passphrase as root:root
then the user cannot read wrapped-passphrase and fails to mount ecryptfs.
It would be helpful if ecryptfs-verify also checks permission of wrapped-passphrase.
ecryptfs: 103-0ubuntu2
Related branches
lp:~nobuto/ecryptfs/verify-wrapped-passphrase
Ready for review
for merging
into
lp:ecryptfs
- eCryptfs: Pending requested
-
Diff: 62 lines (+20/-1)2 files modifieddebian/changelog (+3/-1)
src/utils/ecryptfs-verify (+17/-0)
To post a comment you must log in.