OK... there is at least one sequence that does this.
When you:
1. restore files to their original location and
2. some files in the backup are outside your $HOME and
3. you have no deja-dup cache files for the backup location (like on a fresh
install)
In that case:
1. We write the encryption passphrase and/or network connection password to a
file like /tmp/deja-dup-XXXXXX so that we can run duplicity as root using
pkexec with those settings. (Normally we pass those via environment variables,
but pkexec strips those.)
2. That file is only read/writable for the current user (mode 0600).
3. It is deleted when the restore is finished.
So, while not ideal, this doesn't strike me as a critical bug. Still
though, we should consider ways to not do that.
** Changed in: deja-dup
Importance: Undecided => Medium
** Changed in: deja-dup
Status: New => Triaged
** Changed in: deja-dup (Ubuntu)
Importance: Critical => Undecided
** Changed in: deja-dup (Ubuntu)
Status: Incomplete => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1814238
Title:
deja-dup saves passphrase in /tmp
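
A defender-side check for the behaviour described in the comment above, as an added example that is not part of the original message or of deja-dup's code: it audits files matching the /tmp/deja-dup-XXXXXX pattern for owner, mode and staleness without reading their contents. The function name, the six-character suffix glob and the one-hour staleness threshold are assumptions made for illustration.

```python
import os
import stat
import tempfile
import time
from pathlib import Path


def audit_secret_files(directory, uid, max_age_s=3600, now=None):
    """Return (path, [problems]) for each deja-dup-XXXXXX file in directory.

    Hypothetical helper: the glob and max_age_s are assumptions, not deja-dup values.
    """
    now = time.time() if now is None else now
    findings = []
    for path in sorted(Path(directory).glob("deja-dup-??????")):
        st = os.lstat(path)  # lstat: do not follow a symlink planted under this name
        mode = stat.S_IMODE(st.st_mode)
        problems = []
        if not stat.S_ISREG(st.st_mode):
            problems.append("not a regular file")
        if st.st_uid != uid:
            problems.append(f"owned by uid {st.st_uid}, expected {uid}")
        if mode & 0o077:
            problems.append(f"mode {mode:04o} grants group/other access")
        if now - st.st_mtime > max_age_s:
            problems.append("stale: not deleted after the restore finished")
        findings.append((str(path), problems))
    return findings


def demo():
    # Constructed sample files standing in for /tmp/deja-dup-XXXXXX; contents are dummies.
    with tempfile.TemporaryDirectory() as d:
        for name, mode in (("deja-dup-AAAAAA", 0o600),   # as the comment describes
                           ("deja-dup-BBBBBB", 0o644),   # readable by other users
                           ("deja-dup-CCCCCC", 0o600)):  # left behind, see utime below
            p = Path(d, name)
            p.write_text("dummy")
            os.chmod(p, mode)
        os.utime(Path(d, "deja-dup-CCCCCC"), (0, 0))  # backdate mtime to the epoch
        return {Path(p).name: probs
                for p, probs in audit_secret_files(d, os.getuid())}


if __name__ == "__main__":
    for name, probs in demo().items():
        print(name, "OK" if not probs else "; ".join(probs))
```

On a real system, call `audit_secret_files("/tmp", os.getuid())` while no restore is running; any file it lists at that point was not cleaned up.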