Tested myself, can confirm this one. This is bad especially because of this: http://blog.wired.com/27bstroke6/2008/02/researchers-dis.html and because of that storing the passphrase itself is not required for the encryption to work.. Better approach would be to store just (salted) hash (which is used for the md encryption module anyways). It makes at least finding the real key harder.
** Changed in: ubuntu Status: New => Confirmed -- Encrypted LUKS disks store passphrase plaintext in memory https://bugs.launchpad.net/bugs/196368 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs