Your message dated Mon, 21 Feb 2022 17:56:16 +0100
with message-id <[email protected]>
and subject line Re: buster lacks package ecryptfs-utils
has caused the Debian Bug report #948520,
regarding Please provide ecryptfs-utils in buster-backports
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
948520: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948520
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: security.debian.org

Hi,

I just tried to read encrypted files (ecryptfs) from a fileserver
(written with Ubuntu) on a Debian buster machine, but I can't, because
the ecryptfs-utils are missing in buster.

As far as I found by googling, the reason for dropping it was

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765854

i.e. private directories not unmounted when logging out.


If that is true, it was a rather shortsighted decision, because it
breaks particular functions, i.e. adding passwords to the keyring or
mounting directories as a normal user.


Even if root can mount ecryptfs filesystems directly, it's not available
to regular users, and giving it through tools like sudo opens the door
too wide.

This is odd since there's no good substitute:

  * encfs is insecure
  * gocryptfs has some problems and runs in user space, see here
    https://defuse.ca/audits/gocryptfs.htm
  * cryfs is just based on a master's thesis, and to the best of my
    knowledge, not audited.

On the other hand, ecryptfs keeps keys and encryption within kernel
space, thus providing better security than a user space daemon.



regards

Hadmut




--- End Message ---
--- Begin Message ---
Version: 111-5~bpo10+1

--- End Message ---
