Saturday, April 6, 2019

16.04 - Encrypted home folder still accessible after logout



If you have an account with an encrypted home folder, you can't access the user's plain text data in their home folder if that user hasn't logged in, yet, since the system last booted up. This is what I expected because it should in fact not be practically feasible to access a user's home folder without their password being entered.



However, I found that when a user with an encrypted home folder logs in and then logs out, the plain text data in their home folder still is accessible to other users. Sufficient access privileges are required, of course.



w doesn't list the user and the output of sudo pgrep -u is empty, indicating that the user doesn't have any running processes.




What is the reason for this behavior? Why not just lock the user's home folder after they logged out?



Known bug



If I understand correctly, this is a known bug.



See this link: wiki.archlinux.org/index.php/ECryptfs



Scroll down to the pink paragraph





Warning: Unfortunately the automatic unmounting is susceptible to break with systemd and bugs are filed against it ...




Work-around



As it is now, you had better shut down or reboot in order to remove the traces (It is not enough to log out).
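
A check for the condition described in the question, as an added example that is not part of the original question or answer: it lists eCryptfs mounts from a /proc/mounts-format file whose owner has no login session. It assumes the last path component of the mount point is the user name; the function names and the sample mount lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report eCryptfs mounts that outlive their owner's session.

# Constructed sample in /proc/mounts format (signatures are placeholders).
sample_mounts() {
cat <<'EOF'
/dev/sda1 / ext4 rw,relatime,errors=remount-ro 0 0
/home/.ecryptfs/alice/.Private /home/alice ecryptfs rw,nosuid,nodev,relatime,ecryptfs_sig=0123456789abcdef,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 0 0
/home/.ecryptfs/bob/.Private /home/bob ecryptfs rw,nosuid,nodev,relatime,ecryptfs_sig=fedcba9876543210,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 0 0
EOF
}

# stale_ecryptfs_mounts MOUNTS_FILE "user1 user2 ..."
# Prints every ecryptfs mount point whose owner is not in the user list.
stale_ecryptfs_mounts() {
    mounts_file=$1
    logged_in=" $2 "
    while read -r _src mnt fstype _rest; do
        [ "$fstype" = "ecryptfs" ] || continue
        owner=${mnt##*/}                 # assumption: mount point is /home/<user>
        case "$logged_in" in
            *" $owner "*) ;;             # owner has a session: mount is expected
            *) printf '%s\n' "$mnt" ;;   # plain text still exposed after logout
        esac
    done < "$mounts_file"
}

# Users with a login session right now, space separated.
current_users() {
    who | awk '{print $1}' | sort -u | tr '\n' ' '
}

# Demo on the constructed sample: only bob is logged in.
demo_file=$(mktemp)
sample_mounts > "$demo_file"
stale_ecryptfs_mounts "$demo_file" "bob"
rm -f "$demo_file"
```

On a live system, call `stale_ecryptfs_mounts /proc/mounts "$(current_users)"`; any path it prints is a home folder that is still decrypted with no session for its owner.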

