MainInclusionReportEcryptfsUtils

Main Inclusion Report for ecryptfs-utils

Requirements

  1. Availability:

  2. Rationale:

  3. Security:

    • CVE entries - none

    • Secunia history - none

    • Binaries running as root or suid/sgid: mount.ecryptfs_private, audited by KeesCook and MartinPitt, used to mount/umount a user's ~/Private directory.

    • Daemons: /usr/bin/ecryptfsd, but not used by default, used for advanced key management

    • Network activity: no ports opened

    • Does not handle incoming network data

    • Does not directly (not through a library) process binary (video, audio, etc) or structured (PDF, etc) data

    • Source code review performed by: DustinKirkland, familiar with a fair amount of the code; KeesCook/MartinPitt have reviewed the setuid program

  4. Quality assurance:

  5. Standards compliance:

  6. Dependencies:

    • Runtime
      • libecryptfs0 (= ${binary:Version}), libgcrypt11-dev, libgpg-error-dev, libgpgme11-dev, libgtk2.0-dev, libkeyutils-dev, libopencryptoki-dev [i386], libpam0g-dev, libpkcs11-helper1-dev, libssl-dev, libtspi-dev [i386]
    • Build
      • debhelper (>= 7), dpatch, autotools-dev, autoconf, automake, libtool, libgcrypt11-dev, libgpg-error-dev, libgpgme11-dev, libgtk2.0-dev, libkeyutils-dev, libopencryptoki-dev [i386], libpam0g-dev, libpkcs11-helper1-dev, libssl-dev, libtspi-dev [i386]

    • Are these all in main? - no, see

  7. Background information:

    • The general purpose and context of the package is clear from the package's debian/control file. Quoting debian/control:

      • Description: ecryptfs cryptographic filesystem (utilities) eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem for Linux. It provides advanced key management and policy features. eCryptfs stores cryptographic metadata in the header of each file written, so that encrypted files can be copied between hosts; the file will be decryptable with the proper key, and there is no need to keep track of any additional information aside from what is already in the encrypted file itself. Think of eCryptfs as a sort of "gnupgfs". eCryptfs is a native Linux filesystem. The kernel module component of eCryptfs is part of the Linux kernel since 2.6.19. This package contains the userland utilities. Homepage: http://ecryptfs.sourceforge.net/ Bugs: mailto:ubuntu-users@lists.ubuntu.com

    • Upstream calls this software: ecryptfs-utils

    • It has not had different names in the past

Reviewers

MIR bug: 247400

MainInclusionReportEcryptfsUtils (last edited 2008-08-06 16:17:11 by localhost)