Package: libpam-mount Version: 0.32-4 Severity: important The problem seems to be relatively simple.
Basically, when you specify a volume in pam_mount.conf.xml, it translates the location of the folder you are mounting on. i.e. with debug enabled, when mounting a volume on login, it gives a message that the 'actual' location of /home/username/ is /home/username. The only issue is that when it tries to unmount, (with debug on), it says it cannot find the mounted location /home/username/ (I believe because it is translated to /home/username.) This could be a serious issue for anyone using an encrypted drive who specifies a name with a ending slash, as it will not unmount thier partition on their logout, and I assume leave the drive open for some sort of an attack (with the key still in memory?). I don't know exactly how an attacker could gain acess, but not unmounting the drive when the user has logged out without displaying a warning is something that should be fixed. I can collect specific log messages if you need them, but I think that it is clear what is going wrong. Thanks for the great software Jeremy -- System Information: Debian Release: lenny/sid APT prefers hardy-updates APT policy: (500, 'hardy-updates'), (500, 'hardy-security'), (500, 'hardy') Architecture: i386 (i686) Kernel: Linux 2.6.24-19-generic (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libpam-mount depends on: ii debconf 1.5.20 Debian configuration management sy ii libc6 2.7-10ubuntu3 GNU C Library: Shared libraries ii libhx10 1.10.2-2 A library providing queue, tree, I ii libpam0g 0.99.7.1-5ubuntu6.1 Pluggable Authentication Modules l ii libssl0.9.8 0.9.8g-4ubuntu3.3 SSL shared libraries ii libxml-writer-perl 0.603-1 Perl module for writing XML docume ii libxml2 2.6.31.dfsg-2ubuntu1 GNOME XML library ii mount 2.13.1-5ubuntu2 Tools for mounting and manipulatin libpam-mount recommends no packages. -- debconf information: * libpam-mount/convert-xml-config: true
