ubuntustudio-bugs team mailing list archive
-
ubuntustudio-bugs team
-
Mailing list archive
-
Message #11610
[Bug 2016828] Re: You can "enable" encryption and then not provide a passphrase for the disk, in which case Calamares will do an unencrypted installation
There is now UX preventing this from happening.
** Changed in: calamares (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to calamares in Ubuntu.
https://bugs.launchpad.net/bugs/2016828
Title:
You can "enable" encryption and then not provide a passphrase for the
disk, in which case Calamares will do an unencrypted installation
Status in calamares package in Ubuntu:
Fix Released
Bug description:
Steps to reproduce:
1. Boot the Lubuntu Lunar Final ISO.
2. Begin the installation process.
3. When you get to the partitioning screen, check the "Encrypt system" checkbox but do not provide a passphrase.
4. Finish the installation process.
Expected result: You should not be able to proceed past the
partitioning screen without either providing an encryption passphrase
or unchecking the "Encrypt system" checkbox.
Actual result: You are allowed to proceed past the partitioning screen
even with "Encrypt system" checked and no passphrase provided. The
installed system will be entirely unencrypted (as opposed to being
encrypted with a blank passphrase).
Additional info: Calamares *does* show a great big warning sign over
on the right-hand side of the window until you input a passphrase, so
the user does have some warning that things won't go as they may
expect if they do this.
Personally, I believe this is entirely a UX issue, as the user is
given a warning, there's no "additional consequences" resulting from
installing this way that I can see (unlike the problem with a missing
user password which could cause XScreenSaver problems), and a user who
enables disk encryption ought to realize that they need to provide a
passphrase for the encryption to actually be any good. If a user
actually does accidentally install their system without encryption,
they should notice this when their system doesn't prompt them for a
disk passphrase, and will have ample opportunity to reinstall Lubuntu
correctly.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/calamares/+bug/2016828/+subscriptions
References