Bug #1734541 “encrypted home-directory is not unmounted on logou...” : Bugs : gnome-session package : Ubuntu Log in / Register Ubuntu gnome-session package Overview Code Bugs Blueprints Translations Answers encrypted home-directory is not unmounted on logout Bug #1734541 reported by Jojo on 2017-11-26 300 This bug affects 10 people Affects Status Importance Assigned to Milestone ​ gnome-session Edit New Undecided Unassigned Edit You need to log in to change this bug's status. Affecting: gnome-session Filed here by: pawel When: 2019-07-25 Target Distribution Baltix BOSS Juju Charms Collection Elbuntu Guadalinex Guadalinex Edu Kiwi Linux nUbuntu PLD Linux Tilix tuXlab Ubuntu Ubuntu Linaro Evaluation Build Ubuntu RTM Package (Find…) Project (Find…) Status Importance New Undecided Assigned to Nobody Me Remote Watch None, the status of the bug is updated manually. None, the status of the bug is updated manually. Debian Bug tracker #765854 URL: The information about this bug in Launchpad is automatically pulled daily from the remote bug. Comment on this change (optional) Email me about changes to this bug report ​ ecryptfs-utils (Debian) Edit New Unknown debbugs #765854 You need to log in to change this bug's status. Affecting: ecryptfs-utils (Debian) Filed here by: Klaus Bielke When: 2020-06-19 Target Distribution Baltix BOSS Juju Charms Collection Debian Elbuntu Guadalinex Guadalinex Edu Kiwi Linux nUbuntu PLD Linux Tilix tuXlab Ubuntu Ubuntu Linaro Evaluation Build Ubuntu RTM Package (Find…) Project (Find…) Status Importance New Unknown Assigned to unknown Remote Watch None, the status of the bug is updated manually. None, the status of the bug is updated manually. Debian Bug tracker #765854 URL: The information about this bug in Launchpad is automatically pulled daily from the remote bug. This information was last pulled 8 hours ago. Comment on this change (optional) Email me about changes to this bug report ​ ecryptfs-utils (Ubuntu) Edit Confirmed Undecided Unassigned Edit You need to log in to change this bug's status. Affecting: ecryptfs-utils (Ubuntu) Filed here by: Wes When: 2018-08-20 Confirmed: 2018-08-20 Target Distribution Baltix BOSS Juju Charms Collection Elbuntu Guadalinex Guadalinex Edu Kiwi Linux nUbuntu PLD Linux Tilix tuXlab Ubuntu Ubuntu Linaro Evaluation Build Ubuntu RTM Package (Find…) Project (Find…) Status Importance Confirmed Undecided Assigned to Nobody Me Comment on this change (optional) Email me about changes to this bug report ​ gdm3 (Ubuntu) Edit Confirmed Medium Unassigned Edit You need to log in to change this bug's status. Affecting: gdm3 (Ubuntu) Filed here by: Jojo When: 2017-11-26 Confirmed: 2018-05-25 Target Distribution Baltix BOSS Juju Charms Collection Elbuntu Guadalinex Guadalinex Edu Kiwi Linux nUbuntu PLD Linux Tilix tuXlab Ubuntu Ubuntu Linaro Evaluation Build Ubuntu RTM Package (Find…) Project (Find…) Status Importance Confirmed Medium Assigned to Nobody Me Comment on this change (optional) Email me about changes to this bug report ​ gnome-session (Ubuntu) Edit Confirmed Medium Unassigned Edit You need to log in to change this bug's status. Affecting: gnome-session (Ubuntu) Filed here by: Daniel van Vugt When: 2017-12-21 Confirmed: 2018-05-25 Target Distribution Baltix BOSS Juju Charms Collection Elbuntu Guadalinex Guadalinex Edu Kiwi Linux nUbuntu PLD Linux Tilix tuXlab Ubuntu Ubuntu Linaro Evaluation Build Ubuntu RTM Package (Find…) Project (Find…) Status Importance Confirmed Medium Assigned to Nobody Me Comment on this change (optional) Email me about changes to this bug report Also affects project (?) Also affects distribution/package Nominate for series Bug Description Current Situation: If you log out from an user account with an encrypted home directory, it is not automatically unmounted and encrypted again. Expected behaviour: If I log out from an user account with an encrypted home directory, Id expect the homedir to be unmounted and encrypted again. Stepts to reproduce:     log into an account with encrypted home directory. (lets call it: user)     Log out again     log into another account (which has sudo rights, lets call it: user2) and now enter the following into a terminal: user2@ubuntu: sudo su user2@ubuntu: ls -la /home/user you can see the files of the user Reasons: This is a security issue, because as a user you can reasonable expect your data to be safe, if you log out. if you would simply log in as another user but keep your data accessable you would simply switch user, instead of loggin out. Many users only suspend their laptop while carrying it with them. Logging out and suspending the user expects to have at least the home directory encrypted. ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: gdm3 3.26.1-3ubuntu2 ProcVersionSignature: Ubuntu 4.13.0-16.19-generic 4.13.4 Uname: Linux 4.13.0-16-generic x86_64 ApportVersion: 2.20.7-0ubuntu3 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Sun Nov 26 16:18:39 2017 EcryptfsInUse: Yes ProcEnviron:  TERM=xterm-256color  PATH=(custom, no user)  XDG_RUNTIME_DIR=  LANG=de_DE.UTF-8  SHELL=/bin/bash SourcePackage: gdm3 UpgradeStatus: No upgrade log present (probably fresh install) Tags: bionic amd64 apport-bug wayland-session Edit Tag help Jojo (derdiedasjojo) wrote on 2017-11-26: #1 Dependencies.txt Edit (23.0 KiB, text/plain; charset="utf-8") JournalErrors.txt Edit (66.8 KiB, text/plain; charset="utf-8") ProcCpuinfoMinimal.txt Edit (972 bytes, text/plain; charset="utf-8") Daniel van Vugt (vanvugt) on 2017-12-21 information type: Public → Public Security Daniel van Vugt (vanvugt) on 2017-12-21 Changed in gdm3 (Ubuntu): importance: Undecided → Medium Changed in gnome-session (Ubuntu): importance: Undecided → Medium Launchpad Janitor (janitor) wrote on 2018-05-25: #2 Status changed to 'Confirmed' because the bug affects multiple users. Changed in gdm3 (Ubuntu): status: New → Confirmed Changed in gnome-session (Ubuntu): status: New → Confirmed Star Man (starman) wrote on 2018-05-25: #4 I confirm this issue is affecting me too. Star Man (starman) wrote on 2018-05-25: #5 Sorry, this are my system specs: Ubuntu 18.04 LTS amd64 GNOME Shell desktop Ecryptfs IN USE kernel Linux 4.15.0-22-generic x86_64 ubuntu_neuer (pcspezialist-deactivatedaccount) wrote on 2018-06-10: #6 Ich bin ebenfalls davon betroffen. I confirm this issue is affecting me too. Das ist mein System: This are my system: Linux Mint 19 (Beta) 64Bit - based on Ubuntu 18.04 Cinnamon 3.8.4 Ecryptfs in use (Home - directory) kernel 4.15.0-22-generic x86_64 Wes (wesinator) on 2018-08-20 tags: added: bionic Changed in ecryptfs-utils (Ubuntu): status: New → Confirmed Mikko Rantalainen (mira) wrote on 2019-01-08: #7 Still happens with Ubuntu LTS 18.04. I can provide additional info if needed. Jarno Suni (jarnos) wrote on 2019-02-12: #8 The bug seems to be present in 16.04.5, too. Daniel van Vugt (vanvugt) on 2019-07-26 tags: added: xenial removed: artful dronus (paul-geisler) wrote on 2020-04-13: #9 Still an issue as of today 2020-04-13, for Ubuntu 18.04. Please set this critical immediately, this is a strong security issue for the use case of multiuser device! Using a "guest" user to share your device with others is a quite common use case. Everyone would expect that logging out and pass the device to another person would benefit from a eCrypt FS user homdedir setup. I myself usually log out and set my device to standby on a daily routine. That has me left unprotected by a while now it seems. I usually log out when taking the laptop to unsafe spaces like traveling, conferences and events in public spaces etc. I had expected that logging out would keep my data safe to some level. As this is a regression too, many already adapted to logout-is-safe behaviour. dronus (paul-geisler) wrote on 2020-04-13: #10 Also don't rely on the "affects me" counter above, as for non-power-users this bug is subtle and undetectable in most cases, leaving them unsafe without knowledge. Klaus Bielke (k-bielke) wrote on 2020-06-19: #11 See for workaround:  - https://wiki.ubuntuusers.de/ecryptfs/Einrichten/#Problembehebung  - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765854#107 Bug Watch Updater (bug-watch-updater) on 2020-06-19 Changed in ecryptfs-utils (Debian): status: Unknown → New Kai Kasurinen (kai-kasurinen) on 2020-07-10 affects: gnome-session-shutdown → gnome-session Dave J (bigcus) wrote on 2020-08-13: #12 Note this was also reported in bug 1637710 back in 2016 Daniel van Vugt (vanvugt) on 2020-11-17 tags: removed: xenial See full activity log To post a comment you must log in. Report a bug This report contains Public Security information  Edit Everyone can see this security related information. Mark as duplicate Convert to a question Link a related branch Link to CVE You are not directly subscribed to this bug's notifications. Subscribing... Edit bug mail Other bug subscribers Subscribe someone else Bug attachments Dependencies.txt (edit) JournalErrors.txt (edit) ProcCpuinfoMinimal.txt (edit) Add attachment Remote bug watches debbugs #765854 [open critical security] Edit Bug watches keep track of this bug in other bug trackers.  •  Take the tour  •  Read the guide   © 2004-2021 Canonical Ltd.  •  Terms of use  •  Data privacy  •  Contact Launchpad Support  •  Blog  •  Careers  •  System status  •  r3d7abcb (Get the code!)