Mailinglist Archive: opensuse-bugs (4751 mails)

< Previous Next >
[Bug 1045886] ecryptfs problems with recent Tumbleweed
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Fri, 07 Jul 2017 15:42:49 +0000
  • Message-id: <bug-1045886-21960-FDD33oseSU@http.bugzilla.novell.com/>
http://bugzilla.novell.com/show_bug.cgi?id=1045886
http://bugzilla.novell.com/show_bug.cgi?id=1045886#c29

--- Comment #29 from Franck Bui <fbui@xxxxxxxx> ---
(In reply to Andrei Borzenkov from comment #25)
Note that now upstream links user keyring to service session keyring thus
exposing the exact key leak issue discussed here ...

https://github.com/systemd/systemd/commit/
437a85112e02042b62751395b9e7225628c1b708

and proposed

https://github.com/systemd/systemd/pull/6286

Those 2 commits look totally broken actually and the first one defeat the whole
point of having 74dd6b515fa968c57 commit whose aim is to have a dedicated
session keyring for each system services which is *not* linked with the user
keyring.

It looks like that only pam_keyinit.so was missing from the PAM config.

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >