oss-sec mailing list archives
Re: CVE request for ecryptfs
From: Jamie Strandboge <jamie () canonical com>
Date: Wed, 29 Oct 2008 10:28:25 -0500
On Wed, 29 Oct 2008, Tomas Hoger wrote:
Hi Jamie! On Thu, 23 Oct 2008 16:16:28 -0500 Jamie Strandboge <jamie () canonical com> wrote:While reviewing ecryptfs, I discovered an information disclosure vulnerability in ecryptfs-setup-private and notified upstream. This helper script was known as ecryptfs-setup-confidential in earlier releases. The problem arises when ecryptfs-setup-private invokes ecryptfs-wrap-passphrase and ecryptfs-add-passphrase with command line arguments that include the user's existing login password as well as the newly created mount password. As a result, these passwords can be snooped in the process table.Well the question is whether this should be worded as ecryptfs-setup-{private,confidential} issue, or more generic issue affecting various ecryptfs-* command line utilities, that only accept passwords as command line arguments (i.e. no interactive prompt). So even though there's not ecryptfs-setup-* script to fix in older versions, steps done by ecryptfs-setup-* are likely to be performed by the user manually, resulting in the same risk of leak as with helper script. Or do I miss anything?
That's exactly right, which reminded me, documentation surrounding ecryptfs also should be updated. I pinged upstream about it. I was also notified of an additional commit that is desirable (a bugix for the patch to ecryptfs-setup-private): http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=commit;h=2c422e6d2549f90258cddeebf105b066b598bdbb Jamie -- Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE request for ecryptfs Jamie Strandboge (Oct 23)
- Re: CVE request for ecryptfs Tomas Hoger (Oct 29)
- Re: CVE request for ecryptfs Jamie Strandboge (Oct 29)
- Re: CVE request for ecryptfs Tomas Hoger (Oct 29)