ecryptfs-utils should use /dev/random when generating keys

Bug #1420424 reported by Dustin Kirkland  on 2015-02-10
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ecryptfs-utils (Ubuntu)
High
Dustin Kirkland 

Bug Description

ecryptfs-setup-private generates a passphrase that protects very important data, and typically lives a very long time.

For these reasons, it should use /dev/random rather than /dev/urandom when generating the mount passphrase.

Dustin Kirkland  (kirkland) wrote :

bzr commit -m '* doc/manpage/ecryptfs-setup-private.1, src/utils/ecryptfs-setup-
  private, src/utils/ecryptfs-setup-swap: LP: #1420424
  - use /dev/random rather than /dev/urandom for long lived keys' --fixes 'lp:1420424'
Committing to: /local/media/src/ecryptfs/ecryptfs/
modified debian/changelog
modified doc/manpage/ecryptfs-setup-private.1
modified src/utils/ecryptfs-setup-private
modified src/utils/ecryptfs-setup-swap
Committed revision 836.

Changed in ecryptfs-utils (Ubuntu):
importance: Undecided → High
status: New → In Progress
assignee: nobody → Dustin Kirkland  (kirkland)
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ecryptfs-utils - 106-0ubuntu1

---------------
ecryptfs-utils (106-0ubuntu1) vivid; urgency=medium

  [ Dustin Kirkland and Martin Pitt ]
  * debian/ecryptfs-utils.postinst: LP: #953875
    - detect and clean up after nonexisting cryptswap devices

  [ Tyler Hicks ]
  * tests/userspace/Makefile.am: Fix the 'make check' failure present in the
    ecryptfs-utils-105 release tarball. The failure was due to the automake
    file not specifying that some data files should be distributed as part
    of the v1-to-v2-wrapped-passphrase test, causing the test to fail due to
    the missing files.

  [ Dustin Kirkland ]
  * scripts/release.sh:
    - ensure that we try a binary build as part of the release process
    - make sure we're in the original working directory when we release
    - remove the -x option, too noisy
  * vivid
  * vivid
  * vivid
 -- Dustin Kirkland <email address hidden> Wed, 11 Mar 2015 18:42:19 -0500

Changed in ecryptfs-utils (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers