Comment 17 for bug 469664

You should note that there is a very small potential security risk here. Most files don't have extended attributes on them and therefore any file having an extended attribute would raise a red flag. Due to the way ecryptfs works, these attributes would be visible (and settable/unsettable) in the encrypted ".Private" directory. This problem is minimal but I felt that it should be noted.