[Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
I'm marking this "Fix Released". The ecryptfs-utils pieces are pretty much feature-complete, and uploaded to Ubuntu. The remaining bits are mostly in the installer, and in the GUI-tools. These have separate bugs. Cheers, :-Dustin ** Changed in: ecryptfs-utils (Ubuntu) Assignee: (unassigned) => Dustin Kirkland (kirkland) Status: In Progress => Fix Released -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
Jessie, One reason not to turn it on by default is that it runs some risk of the user's data being entirely unrecoverable - leaving aside the possibility of bugs in the software, users do forget passwords, etc. There are plenty of reports of people running into similar problems with NTFS encryption. Different people will have different preferences for whether they'd rather run the risk of losing access to their files themselves, or of someone else seeing them if they gain physical access to the machine. -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
I've fixed this upstream in ecryptfs-utils-66, which supports encryption of all of home directories. I'm leaving the Ubuntu task open for now, as there's a bit more work to be done at the distribution level, to get this working in the installer, etc. :-Dustin ** Also affects: ecryptfs Importance: Undecided Status: New ** Changed in: ecryptfs Status: New => Fix Released -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
if you explain all of the problems in detail (if any), people will be able to think of ways around them. post them here! On Wed, Nov 12, 2008 at 3:57 PM, Jessie Lawrence <[EMAIL PROTECTED]> wrote: > also, we have plenty of time to implement something like this, but > only if someone gets to work on this NOW. before its too late, > otherwise it will be another one of those failed features that didnt > make it. > > On Wed, Nov 12, 2008 at 3:55 PM, Jessie Lawrence <[EMAIL PROTECTED]> wrote: >> whats controversial about security? if encrypting the users home >> directory (other than the public folder) by default doesnt cause any >> problems, then there is no reason why it shouldnt be. if there are >> problems, enlighten me. >> >> plus, you should be able to enable and disable this feature through >> one of the settings windows in gnome-control-center, such as in System >>> Preferences > Encryption and Keyrings. >> >> On Wed, Nov 12, 2008 at 1:49 AM, Dustin Kirkland >> <[EMAIL PROTECTED]> wrote: >>> On Wed, Nov 12, 2008 at 2:50 AM, Jessie Lawrence <[EMAIL PROTECTED]> wrote: ok, cool. but i think that there should be a way to enable this through the gui, like in mac >>> >>> Perhaps. There's some problems with this, at least in my head, that I >>> don't know how to solve yet. We'll see. >>> also, is there any particular reason why it should not be enabled by default? are there any problems with it? >>> >>> This is a very controversial topic. Ubuntu users like choice. They >>> don't like something being forced upon them. Especially something >>> controversial. >>> >>> :-Dustin >>> >>> -- >>> anyone with a livecd can acces data on ubuntu -- encrypt home directories >>> https://bugs.launchpad.net/bugs/277894 >>> You received this bug notification because you are a direct subscriber >>> of the bug. >>> >>> Status in "ecryptfs-utils" source package in Ubuntu: In Progress >>> >>> Bug description: >>> all of my personal files i store in ubuntu can be accessed by anyone with a >>> livecd without knowing my password. mac actually locks your personal data >>> by default so if you put a livecd in and try to access them it will prompt >>> you for the password. ubuntu does not have this. this renders all of my >>> personal files insecure. this seems pretty serious to me. >>> >>> try using a livecd to read data from your home folder on a mac and see what >>> happens. this is what should happen in ubuntu. >>> >>> once again, seeing as this applies to everyone on a default setup and how >>> it allows anyone to see all of the files on the computer without a >>> password, including extremely private and critical ones, and seeing as how >>> you can eveen delete these files too, it seems pretty serious to me. >>> >> > -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
also, we have plenty of time to implement something like this, but only if someone gets to work on this NOW. before its too late, otherwise it will be another one of those failed features that didnt make it. On Wed, Nov 12, 2008 at 3:55 PM, Jessie Lawrence <[EMAIL PROTECTED]> wrote: > whats controversial about security? if encrypting the users home > directory (other than the public folder) by default doesnt cause any > problems, then there is no reason why it shouldnt be. if there are > problems, enlighten me. > > plus, you should be able to enable and disable this feature through > one of the settings windows in gnome-control-center, such as in System >> Preferences > Encryption and Keyrings. > > On Wed, Nov 12, 2008 at 1:49 AM, Dustin Kirkland > <[EMAIL PROTECTED]> wrote: >> On Wed, Nov 12, 2008 at 2:50 AM, Jessie Lawrence <[EMAIL PROTECTED]> wrote: >>> ok, cool. but i think that there should be a way to enable this through the >>> gui, like in mac >> >> Perhaps. There's some problems with this, at least in my head, that I >> don't know how to solve yet. We'll see. >> >>> also, is there any particular reason why it should not be enabled by >>> default? are there any problems with it? >> >> This is a very controversial topic. Ubuntu users like choice. They >> don't like something being forced upon them. Especially something >> controversial. >> >> :-Dustin >> >> -- >> anyone with a livecd can acces data on ubuntu -- encrypt home directories >> https://bugs.launchpad.net/bugs/277894 >> You received this bug notification because you are a direct subscriber >> of the bug. >> >> Status in "ecryptfs-utils" source package in Ubuntu: In Progress >> >> Bug description: >> all of my personal files i store in ubuntu can be accessed by anyone with a >> livecd without knowing my password. mac actually locks your personal data by >> default so if you put a livecd in and try to access them it will prompt you >> for the password. ubuntu does not have this. this renders all of my personal >> files insecure. this seems pretty serious to me. >> >> try using a livecd to read data from your home folder on a mac and see what >> happens. this is what should happen in ubuntu. >> >> once again, seeing as this applies to everyone on a default setup and how it >> allows anyone to see all of the files on the computer without a password, >> including extremely private and critical ones, and seeing as how you can >> eveen delete these files too, it seems pretty serious to me. >> > -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
whats controversial about security? if encrypting the users home directory (other than the public folder) by default doesnt cause any problems, then there is no reason why it shouldnt be. if there are problems, enlighten me. plus, you should be able to enable and disable this feature through one of the settings windows in gnome-control-center, such as in System > Preferences > Encryption and Keyrings. On Wed, Nov 12, 2008 at 1:49 AM, Dustin Kirkland <[EMAIL PROTECTED]> wrote: > On Wed, Nov 12, 2008 at 2:50 AM, Jessie Lawrence <[EMAIL PROTECTED]> wrote: >> ok, cool. but i think that there should be a way to enable this through the >> gui, like in mac > > Perhaps. There's some problems with this, at least in my head, that I > don't know how to solve yet. We'll see. > >> also, is there any particular reason why it should not be enabled by >> default? are there any problems with it? > > This is a very controversial topic. Ubuntu users like choice. They > don't like something being forced upon them. Especially something > controversial. > > :-Dustin > > -- > anyone with a livecd can acces data on ubuntu -- encrypt home directories > https://bugs.launchpad.net/bugs/277894 > You received this bug notification because you are a direct subscriber > of the bug. > > Status in "ecryptfs-utils" source package in Ubuntu: In Progress > > Bug description: > all of my personal files i store in ubuntu can be accessed by anyone with a > livecd without knowing my password. mac actually locks your personal data by > default so if you put a livecd in and try to access them it will prompt you > for the password. ubuntu does not have this. this renders all of my personal > files insecure. this seems pretty serious to me. > > try using a livecd to read data from your home folder on a mac and see what > happens. this is what should happen in ubuntu. > > once again, seeing as this applies to everyone on a default setup and how it > allows anyone to see all of the files on the computer without a password, > including extremely private and critical ones, and seeing as how you can > eveen delete these files too, it seems pretty serious to me. > -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
On Wed, Nov 12, 2008 at 2:50 AM, Jessie Lawrence <[EMAIL PROTECTED]> wrote: > ok, cool. but i think that there should be a way to enable this through the > gui, like in mac Perhaps. There's some problems with this, at least in my head, that I don't know how to solve yet. We'll see. > also, is there any particular reason why it should not be enabled by > default? are there any problems with it? This is a very controversial topic. Ubuntu users like choice. They don't like something being forced upon them. Especially something controversial. :-Dustin -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
ok, cool. but i think that there should be a way to enable this through the gui, like in mac also, is there any particular reason why it should not be enabled by default? are there any problems with it? On Tue, Nov 11, 2008 at 4:17 PM, Dustin Kirkland <[EMAIL PROTECTED]>wrote: > As I have said above, I'm work on seamless home directory encryption for > Jaunty. > > I have it working in several virtual machines, and on my primary > laptop. I'm still bringing together the pieces to automate the setup > thereof. > > It will *not* be the default. However, I do hope that it is an option > on installation (both desktop and server), as well as an option when > the administrator creates new users. > > :-Dustin > > -- > anyone with a livecd can acces data on ubuntu -- encrypt home directories > https://bugs.launchpad.net/bugs/277894 > You received this bug notification because you are a direct subscriber > of the bug. > > Status in "ecryptfs-utils" source package in Ubuntu: In Progress > > Bug description: > all of my personal files i store in ubuntu can be accessed by anyone with a > livecd without knowing my password. mac actually locks your personal data by > default so if you put a livecd in and try to access them it will prompt you > for the password. ubuntu does not have this. this renders all of my personal > files insecure. this seems pretty serious to me. > > try using a livecd to read data from your home folder on a mac and see what > happens. this is what should happen in ubuntu. > > once again, seeing as this applies to everyone on a default setup and how > it allows anyone to see all of the files on the computer without a password, > including extremely private and critical ones, and seeing as how you can > eveen delete these files too, it seems pretty serious to me. > -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
As I have said above, I'm work on seamless home directory encryption for Jaunty. I have it working in several virtual machines, and on my primary laptop. I'm still bringing together the pieces to automate the setup thereof. It will *not* be the default. However, I do hope that it is an option on installation (both desktop and server), as well as an option when the administrator creates new users. :-Dustin -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
well, actually, if doing something like this in ubuntu will cause complications, then maybe it shouldnt be enabled by default. but someone should certainly try to do something like this and avoid any complications, because this seems like a really nice feature. if someone makes something like this for ubuntu that works just as good as it does on mac, then it should be enabled by default. if it causes trouble upgrading or something, then the upgrade tool should automatically disable and then re-enable it if its enabled. but there probably would not be any complications. this should definately be attempted for jaunty. On Tue, Nov 11, 2008 at 3:56 PM, Jessie Lawrence <[EMAIL PROTECTED]>wrote: > hmm, thats strange. thats what happened to me. and i was even using 10.4 > > i put in the ubuntu live cd and when i tried to backup some files, i > couldnt unless i entered the right password and stuff, and then i only had > access to the public folder. that was my experience, i didnt read about it > anywhere. i dont even know what filevault is, but whatever it is, it sounds > like something cool that should be enabled by default, especially on > laptops. i think ubuntu should do that by default. > > maybe i accidentally enabled something without realizing it. back then when > i tried it, i dont remember how familiar i was with mac. > > > On Tue, Nov 11, 2008 at 8:55 AM, Dustin Kirkland < > [EMAIL PROTECTED]> wrote: > >> http://docs.info.apple.com/article.html?path=Mac/10.5/en/8736.html >> >> It looks like it's an optional configuration parameter, rather than >> being done by default... >> >> :-Dustin >> >> -- >> anyone with a livecd can acces data on ubuntu -- encrypt home directories >> https://bugs.launchpad.net/bugs/277894 >> You received this bug notification because you are a direct subscriber >> of the bug. >> >> Status in "ecryptfs-utils" source package in Ubuntu: In Progress >> >> Bug description: >> all of my personal files i store in ubuntu can be accessed by anyone with >> a livecd without knowing my password. mac actually locks your personal data >> by default so if you put a livecd in and try to access them it will prompt >> you for the password. ubuntu does not have this. this renders all of my >> personal files insecure. this seems pretty serious to me. >> >> try using a livecd to read data from your home folder on a mac and see >> what happens. this is what should happen in ubuntu. >> >> once again, seeing as this applies to everyone on a default setup and how >> it allows anyone to see all of the files on the computer without a password, >> including extremely private and critical ones, and seeing as how you can >> eveen delete these files too, it seems pretty serious to me. >> > > -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
hmm, thats strange. thats what happened to me. and i was even using 10.4 i put in the ubuntu live cd and when i tried to backup some files, i couldnt unless i entered the right password and stuff, and then i only had access to the public folder. that was my experience, i didnt read about it anywhere. i dont even know what filevault is, but whatever it is, it sounds like something cool that should be enabled by default, especially on laptops. i think ubuntu should do that by default. maybe i accidentally enabled something without realizing it. back then when i tried it, i dont remember how familiar i was with mac. On Tue, Nov 11, 2008 at 8:55 AM, Dustin Kirkland <[EMAIL PROTECTED]>wrote: > http://docs.info.apple.com/article.html?path=Mac/10.5/en/8736.html > > It looks like it's an optional configuration parameter, rather than > being done by default... > > :-Dustin > > -- > anyone with a livecd can acces data on ubuntu -- encrypt home directories > https://bugs.launchpad.net/bugs/277894 > You received this bug notification because you are a direct subscriber > of the bug. > > Status in "ecryptfs-utils" source package in Ubuntu: In Progress > > Bug description: > all of my personal files i store in ubuntu can be accessed by anyone with a > livecd without knowing my password. mac actually locks your personal data by > default so if you put a livecd in and try to access them it will prompt you > for the password. ubuntu does not have this. this renders all of my personal > files insecure. this seems pretty serious to me. > > try using a livecd to read data from your home folder on a mac and see what > happens. this is what should happen in ubuntu. > > once again, seeing as this applies to everyone on a default setup and how > it allows anyone to see all of the files on the computer without a password, > including extremely private and critical ones, and seeing as how you can > eveen delete these files too, it seems pretty serious to me. > -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
http://docs.info.apple.com/article.html?path=Mac/10.5/en/8736.html It looks like it's an optional configuration parameter, rather than being done by default... :-Dustin -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 277894] Re: anyone with a livecd can acces data on ubuntu -- encrypt home directories
"mac actually locks your personal data by default so if you put a livecd in and try to access them it will prompt you for the password." I've found no documentation of this (FileVault being enabled by default), nor can I reproduce it in 10.4. Can you provide some evidence of this claim? Thanks! -- anyone with a livecd can acces data on ubuntu -- encrypt home directories https://bugs.launchpad.net/bugs/277894 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs