
ecryptfs-users team mailing list archive

(un)security of eCryptfs ?

 

Hello,

I'm new to using eCryptfs, but the first test does not let me
sleep.

I'm using Ubuntu 10.10 - standard installation.

Let's see my steps:

1. I mount (as root or with sudo) my first eCryptfs in user1 subdirs
with passwd1.
2. the key is ONLY in keyring @u of root, NOT in that of user1 - but:

user1 can create and read files in that FS (file system); root can
do the same.

?? How can user1 work with files in this FS even if user1 has no key
in his keyring ?!!!

3. root clears his keyring with keyctl clear @u, but the FS is
still usable ??!!

4. root unmounts this FS and mounts it again with another password
passwd2

5. user1 cannot see the content of previous files (but can see
names/size in "ls") and can create new files - AGAIN WITHOUT key

5. user1 adds passwd1 with ecryptfs-manager - so passwd2-key is in
@keyring of root and passwd1-key is in keyring of user1

6. user1 can now see content of ALL previous files ??!! root too
??!!

7. and now! another user - user2 can also see all files, even if he
has no keys !!

HOW IS IT POSSIBLE ??

I think that ONLY the one who has the key of the proper password in
his keyring should have access to the content of encrypted files -
and NOBODY ELSE.

But with eCryptfs this is not so. Once anybody adds passwdX to his
keyring, then anybody else !!! can read files encrypted with this
password. Even if this user deletes this key from his keyring !!!

I cannot believe my eyes ?!

Please HELP.

--kapetr





