ecryptfs team mailing list archive

Re: [Bug 264977] Re: Filenames in ~/.Private are not encrypted

 

Your concerns are noted, and the upstream ecryptfs kernel developers
are working on it.  They have working prototypes, and are submitting
to -mm as soon as possible.  We absolutely understand, respect, and
desire the additional security that will bring.

I disagree with your points that this should be disabled or removed,
and that the feature is useless.

When you use gpg to encrypt a single file, does it encrypt the file
name as well?  No, it does not.

We're not forcing anyone to use this feature.  And we're not dictating
what data goes into ~/Private.

This is entirely an opt-in program.

I'm attaching the private half of an ssh key, pulled from the
encrypted .Private directory.  If you or anyone else is able to crack
it, we would like to hear about it.

:-Dustin


** Attachment added: "id_rsa"
   http://launchpadlibrarian.net/18819390/id_rsa

-- 
Filenames in ~/.Private are not encrypted
https://bugs.launchpad.net/bugs/264977
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in eCryptfs - Enterprise Cryptographic Filesystem: Unknown
Status in “ecryptfs-utils” source package in Ubuntu: Confirmed

Bug description:
As per https://wiki.ubuntu.com/EncryptedPrivateDirectory I created a private directory.
I mounted it, then put some files in it.
Then unmounted the Private dir.
~/Private contains only "THIS DIRECTORY HAS BEEN UNMOUNTED TO PROTECT YOUR DATA --  Run mount.ecryptfs_private to mount again"


~/.Private still contains all the private files, albeit the contents are indeed encrypted... 

I had expected that the filesystem of ~/Private would also be encrypted so that a potential data thief would not even know what files I have on my system.


