Package: libpam-mount Version: 0.13-2 Severity: wishlist If the user logs out while e.g. cron or root are holding resources in the mounted volume, the unmount simply fails and the volume stays mounted. If encrypted filesystems are in use, there's a security issue here.
One way would be to use lazy unmounts. Now, if a users logs out, the filesystem is actually unmounted when the last claim to it is over. If the user then logs in, the filesystem is simply mounted again. This leaves only the issue of the /dev/mapper nodes, which are left around, and which are essentially unencrypted. Maybe libpam_mount could leave a process which checks every few seconds whether the /dev/mapper node is still in use, and if not, then removes it? If libpam_mount actually uses cryptsetup for that, maybe we should clone this bug? -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' : proud Debian developer and author: http://debiansystem.info `. `'` `- Debian - when you have better things to do than fixing a system
signature.asc
Description: Digital signature (GPG/PGP)
