On 18.04, package cryptsetup provides /etc/cryptsetup-initramfs/conf- hook which states:
# WARNING: If the initramfs image is to include private key material, # you'll want to create it with a restrictive umask in order to keep # non-privileged users at bay. For instance, set UMASK=0077 in # /etc/initramfs-tools/initramfs.conf Note that there is also /etc/initramfs-tools/conf.d/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1835095 Title: Lubuntu initrd images leaking cryptographic secret when disk encryption is used To manage notifications about this bug go to: https://bugs.launchpad.net/calamares/+bug/1835095/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
