Comment 51 for bug 313812

In , Denis (denis-redhat-bugs) wrote :

Hi Michael,

Thanks for your follow-up.
At least on my system (Fedora 10), "the biggie" point d) is not true.

I am logged in as a normal user, I issue a "su" command, mount the encrypted FS as root with the valid password. Then I umount, exit out of the "su" command and even log out the normal user. (No one is now logged on to the system.)

I log in again with my normal user account, do a "su" and mount the encrypted FS with another password. The file is unencrypted again.

In other words, only a `keyctl clear @u` or a reboot will clear the key. That is more frightening.

I think that even without the newly added feature, documenting the fact as clearly as you did in your email of the 26th would go a long way toward eliminating a false sense of security when using the ecryptfs.

Thanks a lot
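
A check for the behaviour reported above, as an added example that is not part of the original comment: it scans a `keyctl show @u` listing for keys that are still cached after umount. It assumes eCryptfs tokens appear as `user` keys whose description is a 16-hex-digit signature; the function names and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag eCryptfs-style keys still present in a keyring listing.
# Assumption: eCryptfs auth tokens show up as "user" keys whose description
# is a 16-hex-digit signature, in the usual `keyctl show` tree layout.

# Constructed sample of `keyctl show @u` output after umount (not real data).
SAMPLE_AFTER_UMOUNT='Keyring
 1022368286 --alswrv   1000 65534  keyring: _uid.1000
  389443710 --alswrv   1000  1000   \_ user: 0123456789abcdef
  512300417 --alswrv   1000  1000   \_ user: backup-token'

# Constructed sample of the same keyring after `keyctl clear @u`.
SAMPLE_AFTER_CLEAR='Keyring
 1022368286 --alswrv   1000 65534  keyring: _uid.1000'

# Read a `keyctl show` listing on stdin; print one leftover signature per line.
# Only "user" keys with an exactly 16-hex-digit description are reported.
leftover_sigs() {
    sed -n 's/^.*\\_ user: \([0-9a-fA-F]\{16\}\)[[:space:]]*$/\1/p'
}

# Return 0 if the listing on stdin is clean, 1 if eCryptfs-style keys remain.
keyring_is_clean() {
    sigs=$(leftover_sigs)
    if [ -n "$sigs" ]; then
        # One warning line per signature that survived the umount.
        printf 'key still cached: %s\n' $sigs >&2
        return 1
    fi
    return 0
}

# Live use (requires keyutils):  keyctl show @u | keyring_is_clean
```

Running the live form after umount and again after `keyctl clear @u` shows whether the mount key is still available to the next mount attempt.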