Tyler Hicks <tyhicks <at> canonical.com> writes:

> On 2012-12-12 16:58:41, David Obadia wrote:
> > Not sure why ecryptfs-recover-private requires root, I've found a way to do the
> > same thing without root.
>
> A quick glance at that script shows that it needs root to do the
> `mount -t ecryptfs ...` command. The main eCryptfs mount helper
> (/sbin/mount.ecryptfs) is big and complex.

Understood, that makes sense. That script might pre-date mount.ecryptfs_private? I say this because I was able to achieve the same functionality using only mount.ecryptfs_private, not mount.ecryptfs, in my Python script.

> > Also I think it would be helpful to have a user friendly API for
> > creating/mounting/unmounting ecrypted folders that doesn't require root using
> > the setuid in mount.ecryptfs_private.
>
> That might be a nice thing to have, but we want mount.ecryptfs_private
> to stay as simple as possible so that it can be audited and so that we
> don't introduce new security flaws into the code. It is intentionally
> locked down to do very specific actions.

Sounds reasonable. Maybe providing a wrapper script gives the best of both worlds?

1) Minimizes the amount of setuid code that needs to be audited
2) Gives flexibility to the end-user to do as much as can possibly be done, in a user-friendly manner, and without requiring root access.

Would be glad to help,
David