
ecryptfs team mailing list archive

[Bug 849136] Re: ecryptfs leaves unencrypted mount after logout

 

Hi Ian - Thanks for the report.

It is normal for the root user to be able to view the decrypted versions
of the files, as long as the mount is active. The main goal of eCryptfs
is to provide protection of your files when eCryptfs isn't mounted. A
determined root user is practically impossible to keep out while the
eCryptfs mount is active.

Now, to address the issue of the user's home not unmounting after log
out...

1) Does the file ~/.ecryptfs/auto-umount exist? If not, run
`touch ~/.ecryptfs/auto-umount` and see if that fixes it.

2) Is there a background process that is still running which has a file
opened in the home directory? You should be able to test this with the
lsof program. Log in, log out, then log back in as root, make sure that
the user's home directory is still mounted and, finally, run
`lsof /home/ian` (replacing ian with whatever your real username is).

-- 
You received this bug notification because you are a member of eCryptfs,
which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/849136

Title:
  ecryptfs leaves unencrypted mount after logout

Status in eCryptfs - Enterprise Cryptographic Filesystem:
  New

Bug description:
  If two users log in, one having an encrypted home dir, the second user
  (being a sysadmin) is able to sudo and view the encrypted user's home
  directory content.  If the encrypted user then logs out, the other
  user can still sudo to the previous user's home directory as the
  unencrypted mount remains.

  I would expect that the encrypted home would unmount when a user logs
  off and a sudo to the encrypted user's home would show the unmounted
  state like before the user logged in.

  Although a sudo trusted user normally would be able to view all disk
  content, I was hoping that this would keep the prying sysadmin out of
  private data (local logins only allowed).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ecryptfs/+bug/849136/+subscriptions
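
The two checks from the reply above, combined into one script. This is an added example, not part of the original mail and not eCryptfs project code. The function names and state words are hypothetical, and it assumes the home directory is /home/<user> and that mounts are listed in /proc/mounts format with filesystem type `ecryptfs`.

```shell
#!/bin/sh
# Added example (not from the eCryptfs project). Function names are hypothetical.

# Succeeds if mount point $1 is listed with type ecryptfs in mounts file $2
# (default /proc/mounts; fields: device, mount point, fstype, options...).
ecryptfs_mounted() {
    awk -v mp="$1" '$2 == mp && $3 == "ecryptfs" { found = 1 }
                    END { exit !found }' "${2:-/proc/mounts}"
}

# Succeeds if the auto-umount flag file from step 1 exists under home $1.
has_auto_umount() {
    [ -e "$1/.ecryptfs/auto-umount" ]
}

# Prints one state word for home directory $1 (mounts file $2 optional).
diagnose_home() {
    home=$1
    mounts=${2:-/proc/mounts}
    if ! ecryptfs_mounted "$home" "$mounts"; then
        echo "unmounted"
    elif ! has_auto_umount "$home"; then
        echo "mounted-no-auto-umount"
    else
        echo "mounted-check-open-files"
    fi
}

# Run as root after the user has logged out: ./check.sh <username>
if [ "$#" -gt 0 ]; then
    home="/home/$1"   # assumption: default home location, as in the mail
    state=$(diagnose_home "$home")
    echo "$home: $state"
    # Step 2: list processes still holding files open on the mount.
    if [ "$state" != "unmounted" ] && command -v lsof >/dev/null 2>&1; then
        lsof "$home" || echo "lsof listed no open files"
    fi
fi
```

A result of `mounted-check-open-files` means the flag file is present, so the `lsof` output is the place to look for a leftover process.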

