[Bug 936822] Re: ureadahead Caches eCryptfs Filesystem Contents
Githlar
936822 at bugs.launchpad.net
Mon Feb 20 09:10:59 UTC 2012
I only specifically patched for eCryptfs as it's the only encryption
officially supported. It's a bit of a hack-y patch, but unfortunately
busybox's /bin/sh can't do cool stuff like extglob in BASH... If that
were the case it would have been !(ecryptfs) instead. But it works.
** Tags added: ecryptfs ureadahead
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ureadahead in Ubuntu.
https://bugs.launchpad.net/bugs/936822
Title:
ureadahead Caches eCryptfs Filesystem Contents
Status in “ureadahead” package in Ubuntu:
New
Bug description:
If you have autologin enabled or you're just a fast typist, ureadahead
has the potential to cache pieces and whole filenames of files in an
eCryptfs filesystem. This is a potential security vulnerability as it
could theoretically provide a cryptanalyst vital pieces of plaintext
data to break the filesystem encryption. It's a big "if" but it's
possible.
I have attached a patch for /etc/init/ureadahead-other.conf to prevent
the caching of eCryptfs filesystems.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ureadahead/+bug/936822/+subscriptions
More information about the foundations-bugs
mailing list