Mounting an encrypted volume presents the volume to all users on a machine
Daniel J Walsh
dwalsh at redhat.com
Tue Oct 26 12:21:12 UTC 2010
On 10/26/2010 02:36 AM, Tomas Mraz wrote:
> On Tue, 2010-10-26 at 00:28 +0200, nodata wrote:
>> Hi,
>>
>> I'm concerned about the default behaviour of mounting encrypted volumes.
>>
>> The default behaviour is that a user must know and supply a passphrase
>> in order to mount an encrypted volume. This is good: know the
>> passphrase, you get to mount the volume.
>>
>> What I am concerned about is that the volume is mounted for _every_ user
>> on the system to see.
>>
>> I've filed a bug about this, and it got closed:
>> https://bugzilla.redhat.com/show_bug.cgi?id=646085
>>
>> I'm quite in favour of secure by default. In the worst case, the
>> mountpoint would have permissions set to read access to all if you tick
>> a box.
>>
>> Thoughts?
>>
>
> This could be achieved by using pam_namespace to separate the namespaces
> of the logged-in users and mounting the encrypted volume as private into
> the namespace. However it also means that when the user is
> simultaneously logged in twice, he will not be able to access the
> encrypted volume in the second session either. It also means that the
> process that mounts the volume must run in the namespace of the user's
> session (setuid helper would be needed instead of using system service
> to mount the volume).
>
Might be something we could add to seunshare?
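Added example, not part of the original thread: a Python audit of `/proc/<pid>/mountinfo` text that reports which login sessions' mount namespaces contain a dm-crypt volume, comparing the system-wide default with the private per-session mount suggested in the thread. The sample mountinfo lines, the session names and the `/dev/mapper/luks-` source prefix are constructed assumptions.

```python
import re
from typing import NamedTuple

class Mount(NamedTuple):
    mountpoint: str
    source: str
    propagation: str  # "shared", "slave", "unbindable" or "private"

def parse_mountinfo(text):
    """Parse the content of /proc/<pid>/mountinfo into Mount records."""
    mounts = []
    for line in text.splitlines():
        left, sep, right = line.partition(" - ")
        pre, post = left.split(), right.split()
        if not sep or len(pre) < 6 or len(post) < 2:
            continue  # blank or malformed line
        # Fields 7.. before the "-" separator are optional propagation tags.
        tags = {field.split(":")[0] for field in pre[6:]}
        prop = next((t for t, k in (("shared", "shared"), ("slave", "master"),
                    ("unbindable", "unbindable")) if k in tags), "private")
        # The kernel writes space, tab, newline and backslash as octal escapes.
        mountpoint = re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), pre[4])
        mounts.append(Mount(mountpoint, post[1], prop))
    return mounts

def audit(sessions, prefix="/dev/mapper/luks-"):
    """Map each encrypted mountpoint to the sessions whose namespace shows it."""
    seen = {}
    for name, text in sessions.items():
        for m in parse_mountinfo(text):
            if m.source.startswith(prefix):  # assumption: dm-crypt naming convention
                entry = seen.setdefault(m.mountpoint, {"sessions": [], "propagation": set()})
                entry["sessions"].append(name)
                entry["propagation"].add(m.propagation)
    return seen

ROOT = "22 1 253:0 / / rw,relatime shared:1 - ext4 /dev/mapper/vg-root rw\n"
VAULT = "71 22 253:3 / /media/My\\040Vault rw,nosuid,nodev{tag} - ext4 /dev/mapper/luks-EXAMPLE rw\n"
# Constructed: one system-wide namespace, the mount shows up in both logins.
DEFAULT = {"alice-tty1": ROOT + VAULT.format(tag=" shared:7"),
           "bob-tty2": ROOT + VAULT.format(tag=" shared:7")}
# Constructed: per-session namespaces, volume mounted private in one of them.
ISOLATED = {"alice-tty1": ROOT + VAULT.format(tag=""),
            "alice-ssh": ROOT, "bob-tty2": ROOT}

if __name__ == "__main__":
    for label, sessions in (("default", DEFAULT), ("isolated", ISOLATED)):
        print(label, audit(sessions))
```

In the isolated case the second session of the same user (`alice-ssh`) does not see the volume either, which is the trade-off raised in the thread.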