Bug Description

Binary package hint: ecryptfs-utils

The mount passphrase is leaked in the Ubuntu installer logs, at /var/log/installer/syslog.

This file is mode 0600:

-rw------- 1 syslog adm 347379 2009-06-04 11:00 /var/log/installer/syslog

However, it is written to the disk in the clear, and constitutes a leakage of the mount passphrase.

The upstream ecryptfs code (and Karmic) should be modified to support a flag to disable this printing, and the user-setup code should call ecryptfs-setup-private with this flag.

As for Jaunty, I'm attaching a patch to ecryptfs-utils that should be uploaded to jaunty-security. This patch uses sed to prune the offending lines out of /var/log/installer/syslog.
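As an added illustration of the sed-based pruning described above (this is not the attached patch), the following script removes matching lines from a log, re-applies mode 0600, and verifies that nothing matching survives. The marker text in LEAK_PATTERN and the sample log lines are constructed for this example; the report does not give the exact format of the leaked line.

```shell
#!/bin/sh
# Added example, not the patch from the bug report. Prunes lines that carry a
# leaked mount passphrase from a syslog-style file and checks the result.
# ASSUMPTION: the leaked line contains the text in LEAK_PATTERN; the real
# output format of ecryptfs-setup-private is not shown in the report.

LEAK_PATTERN='mount passphrase'

# prune_leak FILE: drop every line matching LEAK_PATTERN, keep mode 0600.
# Returns 0 only when no matching line remains afterwards.
prune_leak() {
    f="$1"
    [ -f "$f" ] || return 2
    # Write the pruned copy with a restrictive umask so the temporary file is
    # never world-readable, then swap it into place.
    (umask 077; sed "/$LEAK_PATTERN/d" "$f" > "$f.tmp") || return 2
    mv "$f.tmp" "$f" || return 2
    chmod 0600 "$f"
    # Verification: grep -c prints the number of remaining matches; expect 0.
    [ "$(grep -c "$LEAK_PATTERN" "$f")" -eq 0 ]
}

# make_sample_log FILE: write a constructed installer-syslog-like sample with
# one leaked line among ordinary messages (values are placeholders).
make_sample_log() {
    f="$1"
    cat > "$f" <<'EOF'
Jun  4 11:00:01 ubuntu user-setup: creating encrypted private directory
Jun  4 11:00:02 ubuntu ecryptfs-setup-private: mount passphrase: CONSTRUCTED-PLACEHOLDER
Jun  4 11:00:03 ubuntu user-setup: done
EOF
    chmod 0600 "$f"
}
```

Rewriting the file only removes the passphrase from the log's current contents; the original bytes may remain in unallocated disk blocks, so this is a mitigation for the log, not a secure erase of what was already written.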

Please advise on whatever additional disclosure mechanisms (if any) need to be invoked (CVE, USN, etc.).

:-Dustin