ecryptfs team mailing list archive

Thread
Date

[Bug 284443] Re: ecryptfs does not work with gdm auto-login

To: ecryptfs@xxxxxxxxxxxxxxxxxxx
From: Dustin Kirkland <dustin.kirkland@xxxxxxxxx>
Date: Mon, 20 Oct 2008 17:07:35 -0000
Reply-to: Bug 284443 <284443@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

The encrypted private directory should absolutely NOT be mounted on
automatic, password-less logins.  That would entirely defeat its
purpose.  In fact, auto logins should never be used on any system where
you care at all about security.

I'll document this in the EncryptedPrivateDirectory wiki page, and
eventually in the ecryptfs-setup-private manpage in a subsequent
upstream release.

I'm not going to clutter the ecryptfs dialogs with this information.
I'll leave it to the gdmsetup developers to decide whether they want to
include a note.

:-Dustin

** Changed in: ecryptfs-utils (Ubuntu)
     Assignee: (unassigned) => Dustin Kirkland (kirkland)
       Status: New => Won't Fix

** Also affects: gdm (Ubuntu)
   Importance: Undecided
       Status: New

-- 
ecryptfs does not work with gdm auto-login
https://bugs.launchpad.net/bugs/284443
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in “ecryptfs-utils” source package in Ubuntu: Won't Fix
Status in “gdm” source package in Ubuntu: New

Bug description:
if autologin is enabled in gdm, the encrypted private directory is not automatically mounted 

as ubiquitiy now has an autologin option, this will affect many users who later manually create an encrypted directory

from the security point of view, no auto mount for auto login this is certainly good and not a 'bug'; but it is unexpected and should be documented; also, both ecryptfs-utils and gdmsetup should explicitly warn for this case

References

[Bug 284443] [NEW] ecryptfs does not work with gdm auto-login
From: Michael Kofler, 2008-10-16