Mounting an encrypted volume presents the volume to all users on a machine
nodata
lsof at nodata.co.uk
Mon Oct 25 22:40:41 UTC 2010
On 26/10/10 00:31, Nathanael D. Noblet wrote:
> On 10/25/2010 04:28 PM, nodata wrote:
>> Hi,
>>
>> I'm concerned about the default behaviour of mounting encrypted volumes.
>>
>> The default behaviour is that a user must know and supply a passphrase
>> in order to mount an encrypted volume. This is good: know the
>> passphrase, you get to mount the volume.
>>
>> What I am concerned about is that the volume is mounted for _every_ user
>> on the system to see.
>>
>> I've filed a bug about this, and it got closed:
>> https://bugzilla.redhat.com/show_bug.cgi?id=646085
>>
>> I'm quite in favour of secure by default. In the worst case, the
>> mountpoint would have permissions set to read access to all if you tick
>> a box.
>
> Wouldn't they be restricted based on the contents of the encrypted volume?

Yes. Once the volume is mounted it will be treated with normal UNIX
permissions. So you would have to create a sub-directory on the volume
where the permissions were strict and create files under that.

My point is that if the disk is encrypted, and the user knows the
passphrase to access files on the device, then it doesn't make sense to
let everyone else see what's on the device as well: it only makes sense
to decrypt the device to the user who knows the passphrase.

There's an argument that other people will want to see what's on the
device too. That's fine: the user can opt-in to that. But secure by
default should be what we're aiming at.
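
The exposure and the sub-directory workaround discussed in this message, as an added example that is not part of the original post: it lists mounted filesystems whose root directory is open to other users and creates an owner-only directory on a volume. The `/dev/mapper/luks-` device prefix and all function names are assumptions for illustration; only mode bits are checked, not ACLs.

```python
import os
import stat

def luks_mounts(mounts_text, prefix="/dev/mapper/luks-"):
    """Return mountpoints whose source device name starts with `prefix`
    (assumed naming for unlocked LUKS mappings; adjust for your system)."""
    points = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0].startswith(prefix):
            # /proc/mounts escapes spaces in paths as \040
            points.append(fields[1].replace("\\040", " "))
    return points

def exposed_to_others(path):
    """True if users other than owner/group can list or traverse `path`."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return bool(mode & (stat.S_IROTH | stat.S_IXOTH))

def audit(mounts_text):
    """Map each matching mountpoint to True when its root is open to others."""
    return {mp: exposed_to_others(mp) for mp in luks_mounts(mounts_text)}

def make_private_dir(volume_root, name="private"):
    """The workaround from the thread: a sub-directory only its owner can enter."""
    path = os.path.join(volume_root, name)
    os.makedirs(path, mode=0o700, exist_ok=True)
    os.chmod(path, 0o700)  # makedirs mode is subject to umask; set it explicitly
    return path

if __name__ == "__main__":
    with open("/proc/mounts") as fh:
        for mountpoint, exposed in audit(fh.read()).items():
            print(("EXPOSED  " if exposed else "private  ") + mountpoint)
```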