How does GDM know the face pictures of users with encrypted home directories?
I am always keeping an eye on the security of my PC, and I recently found something that doesn't make sense, or at least it might be an opportunity to learn more about the security model of Ubuntu.
It looks like the user's face picture is stored in "$HOME/.face". I can not find any other place where this is stored, and it would look strange to me if it were stored in multiple places. This face picture is visible in GDM, so it seems to me that GDM retrieves the face pictures from the $HOME/.face file of each user. But how does this work if the user has an encrypted home directory?
I checked it, and as long as a user has not logged in, his/her encrypted home directory is not mounted, and .face is not present. As far as I understand, an encrypted home directory can not be mounted without either the user's password or the key that was given to the user when the encrypted home directory was created. Does GDM have access to one of them before log-in? If that is the case, are they saved somewhere on disk, and wouldn't this break the whole concept of an encrypted home directory?
Links to locations in the GDM source code would also be appreciated. I've already downloaded the code.
Question information
- Language:
- English Edit question
- Status:
- Answered
- For:
- Ubuntu gdm Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask cornware-cjp for more information if necessary.