Mounting an encrypted volume presents the volume to all users on a machine
Tomas Mraz
tmraz at redhat.com
Tue Oct 26 06:36:03 UTC 2010
On Tue, 2010-10-26 at 00:28 +0200, nodata wrote:
> Hi,
>
> I'm concerned about the default behaviour of mounting encrypted volumes.
>
> The default behaviour is that a user must know and supply a passphrase
> in order to mount an encrypted volume. This is good: know the
> passphrase, you get to mount the volume.
>
> What I am concerned about is that the volume is mounted for _every_ user
> on the system to see.
>
> I've filed a bug about this, and it got closed:
> https://bugzilla.redhat.com/show_bug.cgi?id=646085
>
> I'm quite in favour of secure by default. In the worst case, the
> mountpoint would have permissions set to read access to all if you tick
> a box.
>
> Thoughts?
>
This could be achieved by using pam_namespace to separate the namespaces
of the logged-in users and mounting the encrypted volume as private into
the namespace. However it also means that when the user is
simultaneously logged in twice, he will not be able to access the
encrypted volume in the second session either. It also means that the
process that mounts the volume must run in the namespace of the user's
session (setuid helper would be needed instead of using system service
to mount the volume).
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the devel
mailing list