ecryptfs team mailing list archive

Thread
Date
[Bug 257901] Re: Suggestion: GUI frontend(s) for ecryptfs-utils

To: ecryptfs@xxxxxxxxxxxxxxxxxxx
From: Michael Rooney <mrooney@xxxxxxxxxx>
Date: Thu, 01 Oct 2009 01:14:01 -0000
Reply-to: Bug 257901 <257901@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
If I am at UDS-L I could probably pretty easily work with either of you
two to integrate the branches and add any desired features; if you think
that would be useful, put in a good word for my sponsorship ;)

-- 
Suggestion: GUI frontend(s) for ecryptfs-utils
https://bugs.launchpad.net/bugs/257901
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in eCryptfs - Enterprise Cryptographic Filesystem: Triaged
Status in “ecryptfs-utils” package in Ubuntu: Triaged
Status in “ecryptfs-utils” package in Debian: Unknown

Bug description:
Binary package hint: ecryptfs-utils

This is a request from the user, suggested in the Discussion section of the EncryptedPrivateDirectory specification:
 * https://wiki.ubuntu.com/EncryptedPrivateDirectory

This suggestion has been moved here, as a wishlist bug.

Below is the text of the discussion, copied and pasted from that wiki page:

----

markc-qsiuk says:
 * I hope there will also be an option for the ~/Private directory to ''not'' be mounted at login, together with a user-friendly mechanism to (un)mount it explicitly when needed. As it stands at the moment, some hypothetical future browser exploit could simply harvest any files in ~/Private knowing that they're likely to contain usernames and passwords. As the browser is running under the auspices of the user, it would be able to read the content of the ~/Private directory. I'd rather leave my private data encrypted, and just mount the directory on-demand when I need to. Ideally I'd like both Nautilus and the Gnome fileselector to know about the ~/Private directory and prompt me to mount it (requesting my password) when I try to open it. I suppose that, in essence, I would like access to my privately encrypted files to be much like trying to do something as an administrator - I should be prompted for a password to confirm that I am who I say I am, and that I am explicitly giving permission for the file(s) to be accessed.

kirkland says:
  * I have opened wiki:Bug:256154 to support configurable mounting/unmounting of ~/Private.  With the patch attached to that bug, this will be handled by the pam_ecryptfs module checking for the existence of a file, ~/.ecryptfs/auto-mount before mounting, and ~/.ecryptfs/auto-umount before unmounting.  The default behavior as configured by ecryptfs-setup-private will touch both of those files.  You can remove them at your desire and disable the mounting/unmounting.  Unmounting on demand is absolutely trivial; just run umount.ecryptfs_private.  When ~/Private is not currently mounted, the directory has r-x- - - - - - permission, and has a file in it named, '''THIS DIRECTORY HAS BEEN UNMOUNTED TO PROTECT YOUR DATA --  Run mount.ecryptfs_private to mount again''', which happens to be a symbolic link to /sbin/mount.ecryptfs_private.  In Nautilus, you simply need to double-click on that file.  Perhaps we can get fancier, but I am not a GUI developer ;-) 

markc-qsiuk says:
   * Thanks for that additional information. The solution for mounting an unmounted Private directory seems reasonable (at least as a starting point). I'm not sure I would describe "just run ecryptfs.umount_private" as "absolutely trivial" though - mounting a Private directory requires a double-click on a file in that directory, whereas unmounting it requires sufficient understanding to launch some kind of CLI to run a command. Perhaps it would be possible to find someone with the GUI skills to write a simple Gnome panel application whose sole purpose is to call these commands to mount and unmount when the user clicks on it, and whose icon changes to reflect the current state - a locked padlock when the directory is unmounted, and an unlocked padlock when it's mounted, for example. Can you also confirm whether or not one of the application names above is a typo as you've written "ecryptfs.umount_private" and "mount.ecryptfs_private": I presume they're both supposed to be of the same form. 

MikeRooney:
   * I will be happy to make a basic user interface in python-gtk2, if someone can give me the basic requirements of it.

markc-qsiuk:
    * I think that for a basic UI there are two things required: (1) an indication of the current state of the private directory (mounted or unmounted), and (2) a means to switch to the opposite state. A configuration screen to enable or disable auto-mounting of the directory via the GUI would also be good. A Gnome panel applet would be a sensible option as it allows the user to check and modify the status at any time without launching another application, though I'm not sure how practical it would be in Kubuntu or Xubuntu. In the case of a such an applet, I would suggest an icon which indicates a locked state when the ~/Private directory is unmounted (i.e. the data are secure), and an unlocked state when the encrypted directory is mounted (i.e. the data are readable to any process running as the user - less secure). Clicking on the icon would execute {{{mount.ecryptfs_private}}} or {{{umount.ecryptfs_private}}} in order to switch state. Determining the current state could be as simple (or naive) as checking the permissions and content of ~/Private although there's probably a more robust way to determine it (Dustin, does a mounted ~/Private appear in /proc/mounts, for example?). Mike, if this sounds practical to you, perhaps we should create a new wiki page specifically for fleshing out the GUI tool.