users can DoS one another from mounting their encrypted private or home directories
Bug #402745 reported by
Dustin Kirkland
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
eCryptfs |
Fix Released
|
High
|
Unassigned | ||
ecryptfs-utils (Ubuntu) |
Fix Released
|
High
|
Dustin Kirkland | ||
Jaunty |
Won't Fix
|
High
|
Dustin Kirkland | ||
Karmic |
Fix Released
|
High
|
Dustin Kirkland |
Bug Description
Binary package hint: ecryptfs-utils
The eCryptfs encrypted-private and encrypted-home features use a counter file, usually /tmp/ecryptfs-
Since this file is in /tmp, one user can DoS another user from accessing their data, if they create the file before the other user does.
:-Dustin
Related branches
Changed in ecryptfs: | |
status: | Fix Committed → Fix Released |
visibility: | private → public |
To post a comment you must log in.
Fix committed in r421 and r422.
This should perhaps be SRU'd to Jaunty. I'll defer that decision to the Security Team.
:-Dustin