GNOME creates thumbnails that leak encrypted data under default Ubuntu configuration
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
gnome-desktop3 (Ubuntu) | Confirmed | Low | Unassigned | |
Bug Description
Tested on Ubuntu 16.04.2 LTS. Bug appears to be in libgnome-
When a user does not have an encrypted home directory, the default Ubuntu installation offers an encrypted Private directory for each user using ecryptfs. The goal, I presume, is to give the user a place where they can protect data from being read directly off the disk.
This entire purpose is defeated, though, because GNOME caches thumbnails of files in Private. These can be detailed enough to reveal contents of the encrypted storage.
To reproduce:
1. Save an image or other thumbnail-able file directly to ~/Private. It could be porn, a naked selfie, ... I used the Ubuntu logo 64_logo.png from Launchpad.
2. Open Nautilus and browse to Private. Confirm that a thumbnail is shown for the image.
3. Find this file's checksum: echo -n 'file:/
4. Confirm that ~/.caches/
If this is not a bug, I don't understand why Ubuntu would provide an encrypted Private directory in the first place.
Ideally, this would be fixed by improving gnome_desktop_
I noticed another security problem while investigating this. libgnome-desktop may also be leaking thumbnail data even if a user's entire home folder is encrypted, through the use of a temporary file here: https:/
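The following audit script is an added example, not part of the original report and not GNOME or Ubuntu code. It assumes the freedesktop.org thumbnail layout (PNG files under `~/.cache/thumbnails`, each named after the MD5 of the source URI and carrying that URI in a `Thumb::URI` tEXt chunk) and lists cached thumbnails whose source lies under a protected directory; the function names and the sample PNG builder are constructed for illustration.

```python
import hashlib, struct, zlib
from pathlib import Path
from urllib.parse import unquote, urlparse

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def thumb_uri(png):
    """Return the Thumb::URI tEXt value stored in a thumbnail PNG, or None."""
    if not png.startswith(PNG_SIG):
        return None
    pos = len(PNG_SIG)
    while pos + 8 <= len(png):
        length, ctype = struct.unpack(">I4s", png[pos:pos + 8])
        if ctype == b"tEXt":
            key, _, value = png[pos + 8:pos + 8 + length].partition(b"\x00")
            if key == b"Thumb::URI":
                return value.decode("latin-1")
        pos += 12 + length  # 4 length + 4 type + data + 4 CRC
    return None

def find_leaks(cache_dir, protected_dir):
    """Return (thumbnail, source, name_is_md5_of_uri) for thumbnails of files under protected_dir."""
    protected = Path(protected_dir)
    leaks = []
    for thumb in sorted(Path(cache_dir).rglob("*.png")):
        uri = thumb_uri(thumb.read_bytes())
        if not uri or not uri.startswith("file://"):
            continue
        src = Path(unquote(urlparse(uri).path))
        if protected in src.parents:
            # Thumbnail spec: the cache file name is the MD5 hex digest of the URI.
            name_ok = thumb.stem == hashlib.md5(uri.encode()).hexdigest()
            leaks.append((thumb, src, name_ok))
    return leaks

def make_thumb(uri):
    """Constructed sample: a 1x1 PNG header plus the metadata chunk, no pixels."""
    def chunk(ctype, data):
        crc = struct.pack(">I", zlib.crc32(ctype + data))
        return struct.pack(">I", len(data)) + ctype + data + crc
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    text = b"Thumb::URI\x00" + uri.encode()
    return PNG_SIG + chunk(b"IHDR", ihdr) + chunk(b"tEXt", text) + chunk(b"IEND", b"")

if __name__ == "__main__":
    home = Path.home()
    for thumb, src, ok in find_leaks(home / ".cache/thumbnails", home / "Private"):
        print(thumb, "->", src, "" if ok else "(name is not the URI's MD5)")
```

Every thumbnail it reports is stored outside the ecryptfs mount, so it stays readable on disk while Private is unmounted.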
Changed in gnome-desktop3 (Ubuntu):
status: New → Confirmed
Hi,
Can I make this bug public so that it is visible by developers?
Thanks!