ecryptfs team mailing list archive

[Bug 883238] [NEW] encrypted-private mount passphrases can be leaked to disk


*** This bug is a security vulnerability ***

Private security bug reported:

When an encrypted home or private directory is set up, instructions are
provided which say to log in to the new account before rebooting. This is
so the newly generated mount passphrase can be wrapped with the user's
login passphrase before it is written to disk. During the time between
account creation and the initial login, the unencrypted mount passphrase
is stored in a tmpfs mount (/dev/shm/) and the file is protected by
restrictive DAC permissions.

If the instructions are not followed and the system is shut down before
the new user logs in, the ecryptfs-utils-save init script conf file
(/etc/init/ecryptfs-utils-save.conf) moves the unencrypted mount
passphrase from the tmpfs mount to a folder in /var/tmp/ to persist
across the reboot. Upon the next boot, the unencrypted mount passphrase
is moved back to the tmpfs mount in anticipation of the new user
performing the initial login.

The security concern is that the unencrypted mount passphrase is leaked
to disk, compromising the user's encrypted files in the case of an
offline attack. Because Linux does not have a secure file deletion
mechanism, an attacker may be successful in examining the disk and
extracting the mount passphrase which can then be used to unwrap each
file encryption key. The file encryption keys can then be used to
decrypt the file contents.

** Affects: ecryptfs
     Importance: Medium
     Assignee: Dustin Kirkland (kirkland)
         Status: Triaged

** Description changed:

- When an encrypted home or private directory is setup, instructions are
+ When an encrypted home or private directory is set up, instructions are
  provided which say to login to the new account before rebooting. This is
  so the newly generated mount passphrase can be wrapped with the user's
  login passphrase before it is written to disk. During the time between
- account creating and initial login, the unencrypted mount passphrase is
- stored in a tmpfs mount (/dev/shm/) and the file is protected by
+ account creation and the initial login, the unencrypted mount passphrase
+ is stored in a tmpfs mount (/dev/shm/) and the file is protected by
  restrictive DAC permissions.
  
  If the instructions are not followed and the system is shut down before
  the new user logs in, the ecryptfs-utils-save init script conf file
  (/etc/init/ecryptfs-utils-save.conf) moves the unencrypted mount
  passphrase from the tmpfs mount to a folder in /var/tmp/ to persist
  across the reboot. Upon the next boot, the unencrypted mount passphrase
  is moved back to the tmpfs mount in anticipation of the new user
  performing the initial login.
  
  The security concern is that the unencrypted mount passphrase is leaked
  to disk, compromising the user's encrypted files in the case of an
  offline attack. Because Linux does not have a secure file deletion
  mechanism, an attacker may be successful in examining the disk and
  extracting the mount passphrase which can then be used to unwrap each
  file encryption key. The file encryption keys can then be used to
  unencrypt the file contents.

-- 
You received this bug notification because you are a member of eCryptfs,
which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/883238


To manage notifications about this bug go to:
https://bugs.launchpad.net/ecryptfs/+bug/883238/+subscriptions
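The check below is an added example written for this page; it is not code from ecryptfs-utils, from the init script the report names, or from the bug reporter. It audits the two locations the report describes (the tmpfs staging area under /dev/shm and the persistent save area under /var/tmp), reports any staged entry found under /var/tmp as already leaked to disk, and confirms that the /dev/shm location is actually memory-backed rather than trusting the path name. The `.ecryptfs-<user>` directory name used for staged entries is an assumption for illustration, and both directories are function parameters so the check can be exercised against fixture paths.

```shell
#!/bin/sh
# Added example for Launchpad bug 883238, not part of ecryptfs-utils.
# Locations are the ones the report names (/dev/shm, /var/tmp); the
# ".ecryptfs-<user>" entry name is an assumption made for illustration.

# Print the filesystem type backing a directory, e.g. "tmpfs" for /dev/shm.
# Uses GNU coreutils stat (-f reports the filesystem, %T its type name).
fs_type_of() {
    stat -f -c %T "$1" 2>/dev/null
}

# Return 0 if the directory is memory-backed (tmpfs or ramfs), 1 otherwise.
# A path called /dev/shm that is not tmpfs offers no protection at all.
is_memory_backed() {
    case "$(fs_type_of "$1")" in
        tmpfs|ramfs) return 0 ;;
        *)           return 1 ;;
    esac
}

# audit_staged_passphrases SHM_DIR VARTMP_DIR
# Looks for staged (still unwrapped) passphrase entries in both locations.
# Prints one line per finding, "<verdict> <path>", where the verdict is
# PENDING-IN-MEMORY (staged on tmpfs, awaiting first login) or
# LEAKED-TO-DISK (staged on persistent storage). Returns 1 if anything
# was found on disk, 0 otherwise.
audit_staged_passphrases() {
    shm="$1"
    vartmp="$2"
    rc=0

    # Anything in the save area has already been written to disk by the
    # shutdown-time move the report describes, whether or not it has since
    # been moved back.
    for d in "$vartmp"/.ecryptfs-*; do
        [ -e "$d" ] || continue
        echo "LEAKED-TO-DISK $d"
        rc=1
    done

    # Entries in the staging area are only safe while it is memory-backed.
    for d in "$shm"/.ecryptfs-*; do
        [ -e "$d" ] || continue
        if is_memory_backed "$shm"; then
            echo "PENDING-IN-MEMORY $d"
        else
            echo "LEAKED-TO-DISK $d"
            rc=1
        fi
    done

    return $rc
}

# When run as a script with directories given, audit them; with no
# arguments the file only defines the functions above.
if [ "$#" -gt 0 ]; then
    audit_staged_passphrases "$@"
fi
```

Run it as root against the real locations, `sh audit.sh /dev/shm /var/tmp`, before rebooting a machine on which a new encrypted-home user has not yet logged in. A hit under /var/tmp means the mount passphrase has already touched persistent storage; removing the copy does not undo that, for the reason the report gives (no secure deletion), so that user's passphrase should be treated as exposed rather than merely cleaned up. A PENDING-IN-MEMORY hit is the normal pre-first-login state and is the cue to complete that login before shutting down.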
