Okay, on the userspace side, we need to provide a way to "fix" affected files, where kernel data has been leaked into the encrypted file headers, once the user is running a fixed kernel.
I have created a small shell script, ecryptfs-rewrite-file, which will do this, and a manpage with instructions.
This will mostly affect Ubuntu Jaunty Alpha/Beta users. I will coordinate with the Ubuntu Security Team for the best mechanism for communicating these instructions.
This script will be in the ecryptfs-utils-73 release for merging by other distros too.
Okay, on the userspace side, we need to provide a way to "fix" affected files, where kernel data has been leaked into the encrypted file headers, once the user is running a fixed kernel.
I have created a small shell script, ecryptfs- rewrite- file, which will do this, and a manpage with instructions.
You can view the latest source of this shell script in the source control at: bazaar. launchpad. net/~ecryptfs/ ecryptfs/ ecryptfs- utils/annotate/ head%3A/ src/utils/ /ecryptfs- rewrite- file
* http://
And this manpage explains how the script is intended to run: bazaar. launchpad. net/~ecryptfs/ ecryptfs/ ecryptfs- utils/annotate/ head%3A/ doc/manpage/ /ecryptfs- rewrite- file.1
* http://
Basically: ecryptfs- rewrite- file umount- private
$ cd $YOUR_MOUNT_POINT
$ find . -xdev -print0 | xargs -r -0 /usr/bin/
$ ecryptfs-
$ sync
This will mostly affect Ubuntu Jaunty Alpha/Beta users. I will coordinate with the Ubuntu Security Team for the best mechanism for communicating these instructions.
This script will be in the ecryptfs-utils-73 release for merging by other distros too.
:-Dustin