After these users are logged out, and when you're listing their $HOME
directories, can you please confirm that their home directories are NOT
mounted, according to /etc/mtab and /proc/mounts?

You will see data there if these directories are still mounted, but when
they're not mounted, you should only see a very basic skeleton like
this:

$ sudo ls -alF /home/foobar/
total 8
dr-x------ 2 foobar foobar 4096 2011-12-27 11:01 ./
drwxr-xr-x 7 root   root   4096 2011-12-27 11:01 ../
lrwxrwxrwx 1 foobar foobar   56 2011-12-27 11:01 Access-Your-Private-Data.desktop -> /usr/share/ecryptfs-utils/ecryptfs-mount-private.desktop*
lrwxrwxrwx 1 foobar foobar   32 2011-12-27 11:01 .ecryptfs -> /home/.ecryptfs/foobar/.ecryptfs/
lrwxrwxrwx 1 foobar foobar   31 2011-12-27 11:01 .Private -> /home/.ecryptfs/foobar/.Private/
lrwxrwxrwx 1 foobar foobar   52 2011-12-27 11:01 README.txt -> /usr/share/ecryptfs-utils/ecryptfs-mount-private.txt

Also, can you confirm the permissions on the user's home directories
when not mounted?  As you should see above, the unmounted user home
directory should have permissions 500 dr-x------.  Note that not even
the owner has write permission here.  This is to prevent exactly the
situation you're describing -- inadvertently writing cleartext data to
the home directory.

** Changed in: ecryptfs-utils (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/818432

Title:
  user home directory not fully encrypted

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/818432/+subscriptions
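
The checks requested in the message above (mount state, mode 500, skeleton-only contents), as an added shell example that is not part of the original bug comment or of ecryptfs-utils. `is_mounted` and `audit_home` are hypothetical helper names; GNU `stat` and mount tables in the /proc/mounts field layout are assumed.

```sh
#!/bin/sh
# Added example (not from ecryptfs-utils). is_mounted and audit_home are
# hypothetical helper names. Assumes GNU stat and mount tables laid out like
# /proc/mounts (field 2 = mount point; paths containing spaces are not handled).

# is_mounted DIR TABLE -> exit 0 if DIR is listed as a mount point in TABLE
is_mounted() {
    awk -v d="${1%/}" '$2 == d { found = 1 } END { exit !found }' "$2"
}

# audit_home DIR [TABLE...] -> prints a verdict and returns:
#   0 unmounted, mode 500, skeleton only    1 still mounted
#   2 unmounted but mode is not 500         3 unmounted with extra entries
audit_home() {
    ah_home="${1%/}"
    shift
    [ "$#" -gt 0 ] || set -- /proc/mounts /etc/mtab
    for ah_table in "$@"; do
        if is_mounted "$ah_home" "$ah_table"; then
            echo "$ah_home: mounted according to $ah_table"
            return 1
        fi
    done
    ah_mode=$(stat -c '%a' "$ah_home") || return 2
    if [ "$ah_mode" != 500 ]; then
        echo "$ah_home: unmounted, mode $ah_mode (expected 500)"
        return 2
    fi
    # Listing a mode-500 directory requires running as its owner or as root.
    # Only the four skeleton entries shown in the listing above are expected.
    for ah_entry in "$ah_home"/* "$ah_home"/.[!.]* "$ah_home"/..?*; do
        [ -e "$ah_entry" ] || [ -L "$ah_entry" ] || continue  # unmatched glob
        case "${ah_entry##*/}" in
            Access-Your-Private-Data.desktop|.ecryptfs|.Private|README.txt) ;;
            *)  echo "$ah_home: entry outside the skeleton: ${ah_entry##*/}"
                return 3 ;;
        esac
    done
    echo "$ah_home: unmounted, mode 500, skeleton only"
    return 0
}

# Audit each home directory named on the command line.
for ah_arg in "$@"; do
    audit_home "$ah_arg" || echo "  -> needs attention (status $?)"
done
```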
