[Ecryptfs] [Bug 290445] Re: ecryptfs-setup-private fails if passphrase contains character "%"

Thu, 30 Oct 2008 08:37:21 -0700 

Per https://wiki.ubuntu.com/StableReleaseUpdates:

 1) This bug will impact any user wishing to setup an encrypted
~/Private directory having a "%" or a "-" in their login password or
their mount passphrase.

 2) This was fixed in Intrepid's ecryptfs-utils_53-1ubuntu12, which is
in Intrepid -proposed

 3) The fix involves 3 trivial changes, basically changing:
     printf "$foo" ------> printf "%s" "$foo"
  The upstream git commit is:
   * 
http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=commit;h=2c422e6d2549f90258cddeebf105b066b598bdbb

 4) TEST CASE:
    Using ecryptfs-utils_53-1ubuntu11 (or the Intrepid alternate/server) 
install media, set a user's password to something like "foo%bar".  Then run 
"ecryptfs-setup-private".  You will be prompted for your system password.  If 
you correctly enter "foo%bar", you will be told that your entered login 
passphrase is incorrect.
    Using ecryptfs-utils_53-1ubuntu12, the above test case should succeed.

 5) I believe the regression potential to be very low.  I'm attaching to
this bug a shell script I used to test, by generating 10,000 random
passwords including all sorts of alphanumeric and punctuation
characters, and testing the output of a printf "%s" "$foo".  You can use
this "fuzzing" test to verify the change.  I ran this numerous times.


:-Dustin



** Attachment added: "foo.sh"
   http://launchpadlibrarian.net/19080162/foo.sh

-- 
ecryptfs-setup-private fails if passphrase contains character "%"
https://bugs.launchpad.net/bugs/290445
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in eCryptfs - Enterprise Cryptographic Filesystem: Fix Committed
Status in Ubuntu Release Notes: Fix Released
Status in “ecryptfs-utils” source package in Ubuntu: Fix Committed
Status in ecryptfs-utils in Ubuntu Intrepid: Fix Committed

Bug description:
Binary package hint: ecryptfs-utils

Ecrypt-setup-private asks for user login passphrase, but it seems to fail if 
there are certain special characters in passphrase (for me that would be %).

I'm running Ubuntu 8.10
ecryptfs-utils version 53-1ubuntu11

_______________________________________________
Mailing list: https://launchpad.net/~ecryptfs
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~ecryptfs
More help   : https://help.launchpad.net/ListHelp

Reply via email to