On 26/10/10 00:31, Nathanael D. Noblet wrote:
> On 10/25/2010 04:28 PM, nodata wrote:
>> Hi,
>>
>> I'm concerned about the default behaviour of mounting encrypted volumes.
>>
>> The default behaviour is that a user must know and supply a passphrase
>> in order to mount an encrypted volume. This is good: know the
>> passphrase, you get to mount the volume.
>>
>> What I am concerned about is that the volume is mounted for _every_ user
>> on the system to see.
>>
>> I've filed a bug about this, and it got closed:
>> https://bugzilla.redhat.com/show_bug.cgi?id=646085
>>
>> I'm quite in favour of secure by default. In the worst case, the
>> mountpoint would have permissions set to read access to all if you tick
>> a box.
>
> Wouldn't they be restricted based on the contents of the encrypted volume?

Yes. Once the volume is mounted it will be treated with normal UNIX
permissions. So you would have to create a sub-directory on the volume
where the permissions were strict and create files under that.

My point is that if the disk is encrypted, and the user knows the
passphrase to access files on the device, then it doesn't make sense to
let everyone else see what's on the device as well: it only makes sense to
decrypt the device to the user who knows the passphrase.

There's an argument that other people will want to see what's on the
device too. That's fine: the user can opt-in to that. But secure by
default should be what we're aiming at.

--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
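An added illustration, not part of the original message or of any Fedora tool: a small audit that lists which files on a mounted volume are readable by users outside the owner and group, judged from mode bits only. The demo tree, file names and function names are constructed for the example; it shows a strict sub-directory shielding its contents, and a 0700 mountpoint shielding everything.

```python
import os
import stat
import tempfile


def exposed_to_others(mountpoint):
    """Return relative paths of regular files under mountpoint that users who
    are neither owner nor group member can read, judged from mode bits only
    (ACLs and mount options are ignored). Run as the owner or root."""
    if not os.lstat(mountpoint).st_mode & stat.S_IXOTH:
        return []  # others cannot even enter the mountpoint
    found = []
    stack = [mountpoint]
    while stack:
        current = stack.pop()
        for entry in os.scandir(current):
            mode = entry.stat(follow_symlinks=False).st_mode
            if stat.S_ISDIR(mode):
                # Without the 'other' execute bit nothing below is reachable,
                # whatever the modes of the files inside.
                if mode & stat.S_IXOTH:
                    stack.append(entry.path)
            elif stat.S_ISREG(mode) and mode & stat.S_IROTH:
                found.append(os.path.relpath(entry.path, mountpoint))
    return sorted(found)


def build_demo_volume(root):
    """Constructed stand-in for a freshly mounted volume with a 0755 root."""
    os.chmod(root, 0o755)
    private = os.path.join(root, "private")
    os.mkdir(private)
    for path in (os.path.join(root, "notes.txt"),
                 os.path.join(private, "secret.txt")):
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
        os.chmod(path, 0o644)
    os.chmod(private, 0o700)  # the strict sub-directory from the reply


def demo():
    with tempfile.TemporaryDirectory() as root:
        build_demo_volume(root)
        open_mount = exposed_to_others(root)    # world-accessible mountpoint
        os.chmod(root, 0o700)                   # owner-only mountpoint
        strict_mount = exposed_to_others(root)
        return open_mount, strict_mount


if __name__ == "__main__":
    print(demo())
```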