ecryptfs-recover-private cannot recover the specified directory if its parent directory is the same with <Private> directory's parent

Bug #1694010 reported by Jason Xing on 2017-05-27
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
eCryptfs
Undecided
Jason Xing

Bug Description

Reproduce case:
Notice: use 123 as the LOGIN-PASSPHRASE, use 456 as MOUNT-PASSPHRASE
1. Install Ubuntu 14.04 without enabling encrypt-home-directory option.
2. Execute "ecryptfs-setup-private" command successfully and it then create <Private> and <.ecryptfs> directory in /home/Jason/ path.
3. Create <secure> and <raw> directory in /home/Jason. Then Execute "sudo mount -t ecryptfs secure raw" to mount. Put <test_file> file into <raw> and <Private> directory separately.
4. I'm going to try to recover /home/Jason/secure directory with "ecryptfs-recover-private /home/Jason/" command.
5. User will be prompted with "INFO: Found your wrapped-passphrase Do you know your LOGIN passphrase? [Y/n]" information. As you know, user should be prompted to enter the MOUNT-PASSPHRASE not the LOGIN-PASSPHRASE. Thus, no matter what passphrase(123 or 456) user enters, user cannot obtain the decrypted file (because if user enters 123, the system will mount <secure> to /tmp/ecryptfs.xxxxxx with passphrase 123, the system cannot decrypt it obviously. If user enters 456, the system cannot unwrap passphrase. It goes wrong.).

IF user wants to recover <secure> directory, user should enter "n" as system prompts "Do you know your LOGIN passphrase? [Y/n]". Then system will prompt MOUNT-PASSPHRASE to enter. User could easily and successfully read <test_file> with entering 456 as MOUNT-PASSPHRASE.

Explanation:
System will search <.ecryptfs> in the <secure>'s parent directory and then it can look up successfully without any doubt, because <Private> and <secure> are stored in the same directory(/home/Jason). But the <.ecryptfs> has nothing to do with <secure>.

Jason Xing (wlxing) wrote :

I'm going to assign this bug to me and fix this issue only by adding some if statement.

Changed in ecryptfs:
assignee: nobody → Jason Xing (wlxing)
Jason Xing (wlxing) wrote :

I'm confused that this command is used to recover private directory(interactive mount), not to recover the encrypted directory(sudo mount -t ecryptfs secure raw). But it can be applied in the latter case.

Could someone give some advice?

Changed in ecryptfs:
status: New → Opinion
status: Opinion → New
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers