ecryptfs team mailing list archive

Thread
Date

[Bug 277655] Re: Protect data in an encrypted Private from being inadvertently copied elsewhere (eg, thumbnailers)

To: ecryptfs@xxxxxxxxxxxxxxxxxxx
From: Dustin Kirkland <dustin.kirkland@xxxxxxxxx>
Date: Fri, 18 Sep 2009 21:16:56 -0000
Reply-to: Bug 277655 <277655@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

We now have encrypted swap.  This should help matters tremendously.

Additionally, I recommend making /tmp a tmpfs in memory, by adding the following line to your /etc/fstab:
tmpfs /tmp tmpfs rw


If other programs copy data out of a user's home directory to other locations *on disk*, bugs should be filed against those programs for leaking user data.

At this point I'm closing the eCryptfs aspects of this bug.

Thanks,
:-Dustin

** Changed in: ecryptfs
       Status: Confirmed => Fix Released

** Changed in: ecryptfs-utils (Ubuntu)
       Status: Confirmed => Fix Released

-- 
Protect data in an encrypted Private from being inadvertently copied elsewhere (eg, thumbnailers)
https://bugs.launchpad.net/bugs/277655
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in eCryptfs - Enterprise Cryptographic Filesystem: Fix Released
Status in “ecryptfs-utils” package in Ubuntu: Fix Released

Bug description:
Intrepid introduced the new Private directory in the user's home directory.  To prevent information leakage, thumbnailers etc should be forbidden from entering the directory (or should store their thumbnails inside the private dir).  Has this been considered/solved?