ecryptfs team mailing list archive

[Bug 383650] Re: leakage in the installer


** Visibility changed to: Public

-- 
leakage in the installer
https://bugs.launchpad.net/bugs/383650
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in “ecryptfs-utils” source package in Ubuntu: Fix Released
Status in ecryptfs-utils in Ubuntu Jaunty: Fix Released

Bug description:
Binary package hint: ecryptfs-utils

The mount passphrase is leaked in the Ubuntu installer logs, at /var/log/installer/syslog.

This file is mode 0600:
-rw------- 1 syslog adm 347379 2009-06-04 11:00 /var/log/installer/syslog

However, it is written to the disk in the clear, and constitutes a leakage of the mount passphrase.

The upstream ecryptfs code (and Karmic) should be modified to support a flag to disable this printing, and the user-setup code should call ecryptfs-setup-private with this flag.

As for Jaunty, I'm attaching a patch to ecryptfs-utils that should be uploaded to jaunty-security. This patch uses sed to prune the offending lines out of /var/log/installer/syslog.

Please advise on whatever additional disclosure mechanisms (if any) need to be invoked (CVE, USN, etc.).

:-Dustin
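The report above describes the Jaunty mitigation only in outline: a known secret (the mount passphrase) has landed in a mode-0600 log file, and the fix prunes the offending lines. The script below is an added example of that kind of after-the-fact log scrub, not the patch attached to the bug or any ecryptfs-utils code. It assumes nothing about the real installer output: the sample log lines, the placeholder passphrase, and the function names (`make_sample_log`, `scrub_secret`, `secret_in_log`) are all constructed for illustration. It uses a fixed-string `grep -F -v` instead of the sed the report mentions, so the passphrase never has to be escaped as a regular expression, rewrites the file through a temporary created under `umask 077` so it stays 0600, and refuses to run with an empty secret (which would otherwise delete every line).

```shell
#!/bin/sh
# Added example: remove lines containing a known secret from a log file,
# keep the file private (0600), and verify afterwards that the secret is gone.
# Not the Launchpad patch; log format and secret below are constructed.

# Write a constructed installer-style log containing the secret on one line.
# $1 = log path, $2 = secret to embed (assumed format, not real installer output)
make_sample_log() {
    printf '%s\n' \
        "Jun  4 11:00:01 ubuntu user-setup: configuring encrypted private directory" \
        "Jun  4 11:00:02 ubuntu ecryptfs-setup-private: mount passphrase: $2" \
        "Jun  4 11:00:03 ubuntu user-setup: done" > "$1"
    chmod 0600 "$1"
}

# Exit status 0 if the secret still appears anywhere in the file, 1 otherwise.
# $1 = log path, $2 = secret
secret_in_log() {
    grep -F -q -- "$2" "$1"
}

# Delete every line containing the secret, in place.
# $1 = log path, $2 = secret
scrub_secret() {
    logfile="$1"
    secret="$2"
    # An empty pattern would match every line and empty the log: refuse it.
    if [ -z "$secret" ]; then
        echo "scrub_secret: refusing to scrub with an empty secret" >&2
        return 2
    fi
    tmp="$logfile.scrub.$$"
    # umask 077 makes the temporary 0600 regardless of the caller's umask.
    # grep -F: literal match, no regex escaping of the secret needed.
    # grep -v: keep only lines that do NOT contain it.
    # grep exits 1 when nothing is kept (all lines removed); that is fine here.
    ( umask 077; grep -F -v -- "$secret" "$logfile" > "$tmp" ) || true
    mv -- "$tmp" "$logfile"
}

# Small self-contained demonstration: run as `sh scrub.sh demo`.
demo() {
    f=$(mktemp)
    make_sample_log "$f" "example-mount-passphrase"
    scrub_secret "$f" "example-mount-passphrase"
    if secret_in_log "$f" "example-mount-passphrase"; then
        echo "secret still present" >&2
    else
        echo "scrubbed; remaining lines: $(wc -l < "$f"), mode: $(ls -l "$f" | cut -c1-10)"
    fi
    rm -f "$f"
}

if [ "${1:-}" = "demo" ]; then
    demo
fi
```

Scrubbing after the fact only helps for the copy on disk; as the report says, the durable fix is for the tool never to print the passphrase in the first place, which is why the upstream flag is the preferred remedy and the sed pruning is the stopgap for an already-released installer.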