← Back to team overview

ecryptfs team mailing list archive

  1. ecryptfs team
  2. Mailing list archive
  3. Message #00203

[Bug 290445] Re: ecryptfs-setup-private fails if passphrase contains character "%"

  Thread PreviousDate PreviousThread Next 
Per https://wiki.ubuntu.com/StableReleaseUpdates:

 1) This bug will impact any user wishing to setup an encrypted
~/Private directory having a "%" or a "-" in their login password or
their mount passphrase.

 2) This was fixed in Intrepid's ecryptfs-utils_53-1ubuntu12, which is
in Intrepid -proposed

 3) The fix involves 3 trivial changes, basically changing:
     printf "$foo" ------> printf "%s" "$foo"
  The upstream git commit is:
   * http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=commit;h=2c422e6d2549f90258cddeebf105b066b598bdbb

 4) TEST CASE:
    Using ecryptfs-utils_53-1ubuntu11 (or the Intrepid alternate/server) install media, set a user's password to something like "foo%bar".  Then run "ecryptfs-setup-private".  You will be prompted for your system password.  If you correctly enter "foo%bar", you will be told that your entered login passphrase is incorrect.
    Using ecryptfs-utils_53-1ubuntu12, the above test case should succeed.

 5) I believe the regression potential to be very low.  I'm attaching to
this bug a shell script I used to test, by generating 10,000 random
passwords including all sorts of alphanumeric and punctuation
characters, and testing the output of a printf "%s" "$foo".  You can use
this "fuzzing" test to verify the change.  I ran this numerous times.


:-Dustin



** Attachment added: "foo.sh"
   http://launchpadlibrarian.net/19080162/foo.sh

-- 
ecryptfs-setup-private fails if passphrase contains character "%"
https://bugs.launchpad.net/bugs/290445
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in eCryptfs - Enterprise Cryptographic Filesystem: Fix Committed
Status in Ubuntu Release Notes: Fix Released
Status in “ecryptfs-utils” source package in Ubuntu: Fix Committed
Status in ecryptfs-utils in Ubuntu Intrepid: Fix Committed

Bug description:
Binary package hint: ecryptfs-utils

Ecrypt-setup-private asks for user login passphrase, but it seems to fail if there are certain special characters in passphrase (for me that would be %).

I'm running Ubuntu 8.10
ecryptfs-utils version 53-1ubuntu11

References

  Thread PreviousDate PreviousThread Next