The following effect may be a consequence of the same bug. Distribution: Ubuntu 10.04
1) Create user1 ( with administrative privileges ) 2) Create user2 ( without administrative privileges ) 3) Logged as user2 set up a private directory, logout & login, create some files in ~/Private, logout. 4) Logged as user1 change user2 password. 5) Logged as user2 (using the new password defined by user1) you can access the /home/user2/Private directory and its contents. The effect persists until you reboot. Conclusion: A privileged user can access private data from others (who recently have logged in and out ) by means of changing their password. -- umount of ecryptfs does not automatically clear the keyring (can be mounted by root later) https://bugs.launchpad.net/bugs/313812 You received this bug notification because you are a member of Registry Administrators, which is the registrant for Fedora. _______________________________________________ Mailing list: https://launchpad.net/~registry Post to : registry@lists.launchpad.net Unsubscribe : https://launchpad.net/~registry More help : https://help.launchpad.net/ListHelp
