Description: fix key poisoning via insecure temp directory handling
Author: Marc Deslauriers <marc.deslauriers@canonical.com>
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/732628
--- ecryptfs-utils-83.orig/src/utils/ecryptfs-setup-private
+++ ecryptfs-utils-83/src/utils/ecryptfs-setup-private
@@ -380,7 +380,7 @@
# ramdisk, to keep it from leaking to the hard-drive.
temp=`mktemp /dev/shm/.ecryptfs-XXXXXX`
printf "%s" "$MOUNTPASS" > "$temp"
- mv "$temp" "/dev/shm/.ecryptfs-$USER"
+ mv -f -T "$temp" "/dev/shm/.ecryptfs-$USER" || error "Could not create passphrase file"
else
printf "%s\n%s" "$MOUNTPASS" "$LOGINPASS" | ecryptfs-wrap-passphrase "$HOME/.ecryptfs/wrapped-passphrase" - || error "$(gettext 'Could not wrap passphrase')"
fi
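Review bot: When the `mv` on the added line fails, the temp file that already holds `$MOUNTPASS` is left behind in /dev/shm, because nothing removes it before `error` is called (`error` is defined outside the hunk and presumably exits). `mktemp` creates the file owner-only, so exposure is limited, but the passphrase would stay on the ramdisk until something cleans it up. The new message also bypasses `gettext`, unlike the `Could not wrap passphrase` call two lines below. I would write the line as `mv -f -T "$temp" "/dev/shm/.ecryptfs-$USER" || { rm -f "$temp"; error "$(gettext 'Could not create passphrase file')"; }`. The enclosing `if` starts above the hunk, so whether `mktemp` and the `printf` redirect are checked elsewhere cannot be seen from here.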