Mounting an encrypted volume presents the volume to all users on a machine
nodata
lsof at nodata.co.uk
Mon Oct 25 22:33:17 UTC 2010
On 26/10/10 00:31, Nathanael D. Noblet wrote:
> On 10/25/2010 04:28 PM, nodata wrote:
>> Hi,
>>
>> I'm concerned about the default behaviour of mounting encrypted volumes.
>>
>> The default behaviour is that a user must know and supply a passphrase
>> in order to mount an encrypted volume. This is good: know the
>> passphrase, you get to mount the volume.
>>
>> What I am concerned about is that the volume is mounted for _every_ user
>> on the system to see.
>>
>> I've filed a bug about this, and it got closed:
>> https://bugzilla.redhat.com/show_bug.cgi?id=646085
>>
>> I'm quite in favour of secure by default. In the worst case, the
>> mountpoint would have permissions set to read access to all if you tick
>> a box.
>
> Wouldn't they be restricted based on the contents of the encrypted volume?
What do you mean?
More information about the devel
mailing list