Okay, just an FYI update, since I'm looking at this bug again... I'm going to leave this open and attached to ecryptfs-utils.
However, this is a pervasive problem in general. It would take a complete package audit to find all the places where data might be leaked to /var/* or /tmp/*, or elsewhere. Perhaps mandatory access control (SELinux/AppArmor) and exhaustive file labeling might help. Also, encrypted home directories in jaunty should also help, in terms of user data that gets copied to ~/.* directories. In the meantime, LVM and total disk encryption is likely the best option for users with a deep concern about this issue. Good luck, :-Dustin -- Protect data in an encrypted Private from being inadvertently copied elsewhere (eg, thumbnailers) https://bugs.launchpad.net/bugs/277655 You received this bug notification because you are a member of eCryptfs, which is subscribed to ecryptfs-utils in ubuntu. Status in “ecryptfs-utils” source package in Ubuntu: Confirmed Bug description: Intrepid introduced the new Private directory in the user's home directory. To prevent information leakage, thumbnailers etc should be forbidden from entering the directory (or should store their thumbnails inside the private dir). Has this been considered/solved? _______________________________________________ Mailing list: https://launchpad.net/~ecryptfs Post to : [email protected] Unsubscribe : https://launchpad.net/~ecryptfs More help : https://help.launchpad.net/ListHelp
