user home directory not fully encrypted
Bug #818432 reported by
Leszek Kovalsky
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ecryptfs-utils (Ubuntu) |
Invalid
|
High
|
Dustin Kirkland |
Bug Description
1. Installed Ubuntu 11.04
2. created few users with encrypted home directories
3. users had activity under gnome and unity
4. after they logged out I listed /home/[user]/ directories and found some unencrypted files:
- .bash_history - I tried to delete this but system sometimes creates unencrypted copy of this file
- .gnome2/
I do not fully trust ubuntu encryption. .bash_history contains sensitive informations sometimes. So gnome configuration files too.
Changed in ecryptfs-utils (Ubuntu): | |
importance: | Undecided → High |
assignee: | nobody → Dustin Kirkland (kirkland) |
To post a comment you must log in.
After these users are logged out, and when you're listing their $HOME directories, can you please confirm that their home directories are NOT mounted, according to /etc/mtab and /proc/mounts?
You will see data there if these directories are still mounted, but when they're not mounted, you should only see a very basic skeleton like this:
$ sudo ls -alF /home/foobar/ Your-Private- Data.desktop -> /usr/share/ ecryptfs- utils/ecryptfs- mount-private. desktop* ecryptfs/ foobar/ .ecryptfs/ ecryptfs/ foobar/ .Private/ ecryptfs- utils/ecryptfs- mount-private. txt
total 8
dr-x------ 2 foobar foobar 4096 2011-12-27 11:01 ./
drwxr-xr-x 7 root root 4096 2011-12-27 11:01 ../
lrwxrwxrwx 1 foobar foobar 56 2011-12-27 11:01 Access-
lrwxrwxrwx 1 foobar foobar 32 2011-12-27 11:01 .ecryptfs -> /home/.
lrwxrwxrwx 1 foobar foobar 31 2011-12-27 11:01 .Private -> /home/.
lrwxrwxrwx 1 foobar foobar 52 2011-12-27 11:01 README.txt -> /usr/share/
Also, can you confirm the permissions on the user's home directories when not mounted? As you should see above, the unmounted user home directory should have permissions 500 dr-x------. Note that not even the owner has write permission here. This is to prevent exactly the situation you're describing -- inadvertently writing cleartext data to the home directory.