lp://staging/ubuntu/natty-security/ecryptfs-utils
- Get this branch:
- bzr branch lp://staging/ubuntu/natty-security/ecryptfs-utils
Recent revisions
- 71. By Marc Deslauriers
-
* SECURITY UPDATE: wrong mtab ownership and permissions (LP: #830850)
- debian/patches/CVE-2011-3145.patch: also set gid and umask before
updating mtab in src/utils/mount.ecryptfs_private.c.
- CVE-2011-3145
- 70. By Marc Deslauriers
-
* SECURITY UPDATE: privilege escalation via mountpoint race conditions
(LP: #732628)
- debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
before checking permissions in src/utils/mount.ecryptfs_private.c.
- CVE-2011-1831
- CVE-2011-1832
* SECURITY UPDATE: race condition when checking source during mount
(LP: #732628)
- debian/patches/CVE-2011-1833.patch: use new ecryptfs_check_dev_ruid
kernel option when mounting directory in
src/utils/mount.ecryptfs_private.c.
- CVE-2011-1833
* SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
- debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp
file first and make sure it succeeds before replacing the real mtab
in src/utils/mount.ecryptfs_private.c.
- CVE-2011-1834
* SECURITY UPDATE: key poisoning via insecure temp directory handling
(LP: #732628)
- debian/patches/CVE-2011-1835.patch: make sure we don't copy into a
user controlled directory in src/utils/ecryptfs-setup-private.
- CVE-2011-1835
* SECURITY UPDATE: information disclosure via recovery mount in /tmp
(LP: #732628)
- debian/patches/CVE-2011-1836.patch: mount inside protected
subdirectory in src/utils/ecryptfs-recover-private.
- CVE-2011-1836
* SECURITY UPDATE: arbitrary file overwrite via lock counter race
condition (LP: #732628)
- debian/patches/CVE-2011-1837.patch: verify permissions with a file
descriptor, and don't follow symlinks in
src/utils/mount.ecryptfs_private.c.
- CVE-2011-1837
- 69. By Dustin Kirkland
-
[ Paolo Bonzini <email address hidden> ]
* src/utils/ecryptfs-setup-private: update the Private.* selinux
contexts
[ Dustin Kirkland ]
* src/utils/ecryptfs-setup-private:
- add -p to mkdir, address noise for a non-error
- must insert keys during testing phase, since we remove keys on
unmount now, LP: #725862
* src/utils/ecryptfs_rewrap_passphrase.c: confirm passphrases in
interactive mode, LP: #667331
- 68. By Dustin Kirkland
-
[ Jakob Unterwurzacher ]
* src/pam_ecryptfs/pam_ecryptfs.c:
- check if this file exists and ask the user for the wrapping passphrase
if it does
- eliminate both ecryptfs_pam_wrapping_independent_set() and
ecryptfs_pam_automount_set() and replace with a reusable
file_exists_dotecryptfs() function
[ Serge Hallyn and Dustin Kirkland ]
* src/utils/mount.ecryptfs_private.c:
- support multiple, user configurable private directories by way of
a command line "alias" argument
- this "alias" references a configuration file by the name of:
$HOME/.ecryptfs/alias.conf, which is in an fstab(5) format,
as well as $HOME/.ecryptfs/alias.sig, in the same format as
Private.sig
- if no argument specified, the utility operates in legacy mode,
defaulting to "Private"
- rename variables, s/dev/src/ and s/mnt/dest/
- add a read_config() function
- add an alias char* to replace the #defined ECRYPTFS_PRIVATE_DIR
- this is half of the fix to LP: #615657
* doc/manpage/mount.ecryptfs_private.1: document these changes
* src/libecryptfs/main.c, src/utils/mount.ecryptfs_private.c:
- allow umount.ecryptfs_private to succeed when the key is no
longer in user keyring.
- 67. By Dustin Kirkland
-
[ Dustin Kirkland ]
* src/utils/ecryptfs-recover-private: clean sigs of invalid characters
* src/utils/mount.ecryptfs_private.c:
- fix bug LP: #313812, clear used keys on unmount
- add ecryptfs_unlink_sigs to the mount opts, so that unmounts from
umount.ecryptfs behave similarly
- use ecryptfs_remove_auth_tok_from_keyring() on the sig and sig_fnek
[ <email address hidden> ]
* src/utils/ecryptfs-migrate-home:
- support user databases outside of /etc/passwd, LP: #627506
- 66. By Dustin Kirkland
-
* src/desktop/ecryptfs-record-passphrase: fix typo, LP: #524139
* debian/rules, debian/control:
- disable the gpg key module, as it's not yet functional
- clean up unneeded build-deps
- also, not using opencryptoki either
* doc/manpage/ecryptfs.7: fix minor documentation bug, reported by
email by Jon 'maddog' Hall
* doc/manpage/ecryptfs-recover-private.1, doc/manpage/Makefile.am,
po/POTFILES.in, src/utils/ecryptfs-recover-private,
src/utils/Makefile.am: add a utility to simplify data recovery
of an encrypted private directory from a Live ISO, LP: #689969
- 64. By Dustin Kirkland
-
debian/rules, debian/control: disable the gpg key module,
as it's not yet functional; does more harm than good to build it;
should not be in 10.04 LTS; clean up build-deps; also, not using
opencryptoki either; unbreak the build for 32-bit Lucid
- 63. By Dustin Kirkland
-
[ David Planella ]
* Makefile.am, configure.ac, debian/control, debian/po/POTFILES.sh,
debian/po/ecryptfs-utils.pot, debian/po/fr.po, debian/rules,
po/POTFILES.in, src/desktop/Makefile.am,
src/desktop/ecryptfs-mount-private.desktop,
src/desktop/ecryptfs-mount-private.desktop.in,
src/desktop/ecryptfs-record-passphrase,
src/desktop/ecryptfs-setup-private.desktop,
src/desktop/ecryptfs-setup-private.desktop.in:
- internationalization work for LP: #358283
* po/LINGUAS, po/ca.po: Catalan translation
[ Yan Li <email address hidden> ]
* src/pam_ecryptfs/pam_ecryptfs.c, src/utils/Makefile.am,
src/utils/ecryptfs-migrate-home: add a script and pam hooks to
support automatic migration to encrypted home directory
[ Dustin Kirkland ]
* src/utils/ecryptfs-migrate-home: clean up for merge
- use $() rather than ``
- drop set -u
- use = and !=, and quote vars, rather than testing with -ne, -eq,
for better shell portability
- improve usage statement and error text
- check if already encrypted
- handle migration of multiple users on boot
- fix all whitespace, use tabs for indents
- use quotes around variables, rather than ${} (stylistic preference)
- major simplification for immediate release
+ remove boot and user modes; only support administrator mode for
security reasons and to avoid race conditions
+ other modes can be re-added, if necessary, and if security
concerns can be addressed
- ensure running as root
- drop VERBOSE option, always print useful info messages
- call the user $USER_NAME rather than $USER_ID since id implies
number, and here we're dealing with names
- no decimals on awk calculation
- mktemp on the target user, not root
- check that there is enough disk space available to do the migration
- ensure the user's homedir group is correct
- add critical instructions, user *must* login after the migration and
before the reboot, as their wrapped passphrase will be cleared on
reboot (possible we should use an init script to move these to
/var/tmp on reboot)
- ensure permissions are set correctly
- improve text at the end of the migration, organize into notes
* ecryptfs-utils.ecryptfs-utils-restore.upstart,
ecryptfs-utils.ecryptfs-utils-save.upstart, rules:
- try to protect migrating users who don't login before the next reboot
* debian/ecryptfs-utils.install: install the locale messages
* src/desktop/ecryptfs-record-passphrase: improve dialog text
* src/desktop/ecryptfs-record-passphrase: revert the _ bit, as it's not quite
working yet, will need to talk to David to fix
* Mark LP: #471725 as fixed
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/oneiric/ecryptfs-utils