ecryptfs team mailing list archive
-
ecryptfs team
-
Mailing list archive
-
Message #01797
[Bug 696276] Re: root user can mount a user encrypted directory
There's currently no access control checks on the mount wide key. DAC
(and MAC) permissions are what protect read access to the file. So, if
the user's home directory is already mounted, root will be able to read
the files.
Does this answer your question?
--
You received this bug notification because you are a member of eCryptfs,
which is a direct subscriber.
https://bugs.launchpad.net/bugs/696276
Title:
root user can mount a user encrypted directory
Status in eCryptfs - Enterprise Cryptographic Filesystem:
New
Bug description:
I could do that adding a SSH key to the user's authorized_keys file
and login with that key. I am surprise about I could decrypt the
user's home directory!
Doesn't eCryptfs prevent the root user to mount a user's home
directory?
Thanks!
References