*** This bug is a duplicate of bug 287908 ***
https://bugs.launchpad.net/bugs/287908
** This bug has been marked a duplicate of bug 287908
ecryptfs-setup-private potentially exposes passwords in the process table
--
insecure passing of passwords on the command line
https://bugs.launchpad.net/bugs/295511
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu (via bug 287908).
Status in eCryptfs - Enterprise Cryptographic Filesystem: New
Bug description:
Passing the mount password and login password on the command line is insecure
on systems were this is viewable with ps. This is done in at least
ecryptfs-setup-private, and required by at least ecryptfs-wrap-passphrase and
ecryptfs-add-passphrase. Accepting the password on standard input is normally
preferred.
Originally from
http://sourceforge.net/tracker/index.php?func=detail&aid=2125165&group_id=133988&atid=728799
_______________________________________________
Mailing list: https://launchpad.net/~ecryptfs
Post to : [email protected]
Unsubscribe : https://launchpad.net/~ecryptfs
More help : https://help.launchpad.net/ListHelp
