ecryptfs team mailing list archive
-
ecryptfs team
-
Mailing list archive
-
Message #00599
[Bug 305882] Re: ecryptfs private wrapped passphrase with wrong password during password change
This bug was fixed in the package pam - 1.0.1-5ubuntu2
---------------
pam (1.0.1-5ubuntu2) jaunty; urgency=low
* New patch dont_freeze_password_chain, cherry-picked from upstream:
don't always follow the same path through the password stack on
the PAM_UPDATE_AUTHTOK pass as was used in the PAM_PRELIM_CHECK
pass; this Linux-PAM deviation from the original PAM spec causes a
number of problems, in particular causing wrong return values when
using the refactored pam-auth-update stack. LP: #303515, #305882.
-- Steve Langasek <steve.langasek@xxxxxxxxxx> Fri, 27 Feb 2009
16:20:24 -0800
** Changed in: pam (Ubuntu)
Status: In Progress => Fix Released
--
ecryptfs private wrapped passphrase with wrong password during password change
https://bugs.launchpad.net/bugs/305882
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.
Status in “ecryptfs-utils” source package in Ubuntu: Invalid
Status in “pam” source package in Ubuntu: Fix Released
Bug description:
Binary package hint: ecryptfs-utils
To reproduce:
1. On command line, attempt to change your password to a weak password (like "yes").
2. Actually change your password to a strong password.
I found that ecryptfs wrapped the passphrase in the weak password instead of the final password I chose.
Description: Ubuntu 8.10
Release: 8.10
ecryptfs-utils:
Installed: 53-1ubuntu12
Candidate: 53-1ubuntu12
Version table:
*** 53-1ubuntu12 0
500 http://mirrors.us.kernel.org intrepid-updates/main Packages
100 /var/lib/dpkg/status
53-1ubuntu11 0
500 http://mirrors.us.kernel.org intrepid/main Packages
References