updatedb.conf should include ecryptfs in the PRUNEFS line
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mlocate (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: mlocate
I am using ecryptfs-utils to create a ~/Private/ mount that I keep sensitive data in. I was shocked to find these files listed in a "locate" query. I believe that ecryptfs should be added to the list of excluded mlocate filesystems for two reasons:
1) It is a reasonable expectation that file metadata in an ecryptfs is just as private as the file contents: if an attacker plugs my stolen spun-down drive into an enemy system, my file metadata are compromised.
2) The cost to traverse an ecryptfs is noticeably higher than that of a raw ext3 filesystem
I have of course added this to my own copy, and the behavior is now precisely as I originally expected.
ProblemType: Bug
Architecture: i386
DistroRelease: Ubuntu 9.04
Package: mlocate 0.21.1-1ubuntu1
ProcEnviron:
LC_COLLATE=C
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: mlocate
Uname: Linux 2.6.28-11-generic i686
For completeness:
ii ecryptfs-utils 73-0ubuntu6 ecryptfs cryptographic filesystem (utilities)
ii libecryptfs0 73-0ubuntu6 ecryptfs cryptographic filesystem (library)