Merge lp:~nobuto/ecryptfs/verify-wrapped-passphrase into lp:ecryptfs
Status: | Needs review |
---|---|
Proposed branch: | lp:~nobuto/ecryptfs/verify-wrapped-passphrase |
Merge into: | lp:ecryptfs |
Diff against target: |
62 lines (+20/-1) 2 files modified
debian/changelog (+3/-1) src/utils/ecryptfs-verify (+17/-0) |
To merge this branch: | bzr merge lp:~nobuto/ecryptfs/verify-wrapped-passphrase |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
eCryptfs | Pending | ||
Review via email: mp+153846@code.launchpad.net |
Description of the change
currently ecryptfs-verify script does not check permission of wrapped-passphrase.
This branch checks existence and permission of wrapped-passphrase.
one possible situation of mistaken permission of wrapped-passphrase is:
* a user forgot his/her password
* an admin reset user's login password
* the admin also created new wrapped-passphrase with stored passphrase and new password by ecryptfs-
* the admin forgot to change permission and left owner of wrapped-passphrase as root:root
then the user cannot read wrapped-passphrase and fails to mount ecryptfs.
Unmerged revisions
- 776. By Nobuto Murata
-
src/utils/
ecryptfs- verify: check existence and permission of
wrapped-passphrase (LP: #1156672)