Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.4: A FileVault/wake from sleep password issue' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.4: A FileVault/wake from sleep password issue
Authored by: SOX on Jul 10, '06 09:26:17AM

I don't use filevault but I would assume that the vault password is in a keychain which is unlocked by the user password. Perhaps I'm mistaken? Does file vault ask for an additional passcode besides the login?

If so then any admin can access the fiel vault without knowing the vault password simply by forcing a login as the user which will then unlock the keychain.

Thus this is more than simply being a screen saver issue. The only thing the screen saver provides is a way to do this very easily in a way that can't be easily detected.



[ Reply to This | # ]
10.4: A FileVault/wake from sleep password issue
Authored by: allanmarcus on Jul 10, '06 11:52:07AM

no, you don't understand how file vault works.

FV is an encrypted disk image of the user's home directory. There some certificate management as well. When the user logs in, the password is used to decrypt and mount the disk image, which is seemlessly used as the user's home dir. When the screen saver is activated and mouse is moved, the authentication dialog comes up and the user or an admin can authenticate. The disk image was already mounted, so that's how the admin can see it.

If the user logs out, the disk image is unmounted. The ONLY way to mount it is to have either the user's password (stored in the keychain) or the master FV password). Even if the admin changes the user's login password, the FV password is NOT changed. In fact, the user's keychain password is also not changed unless the user changed the login password and the password are in sync.

Bottom line, the FV is pretty well locked down except against a user that locks the screen and gives physical access to an admin. The solution to this, as stated elsewhere, is to have the user log out.



[ Reply to This | # ]
10.4: A FileVault/wake from sleep password issue
Authored by: SOX on Jul 10, '06 05:03:23PM

yes but how does it decrypt it? I would bet it does not use the users passwrod to encrypt it since then you could not (easily) change a users password. I bet it uses the keychain. in whihc case everything I said is correct. that is the act of loggin in foirced by root would decrypt it.



[ Reply to This | # ]
You're correct, except not
Authored by: dethbunny on Jul 10, '06 11:31:08PM
You're correct in that the FileVault image is not encrypted with the user's password. It's encrypted with a private key that is stored in the keychain. The keychain, however, is encrypted with the user's password. [very slightly simplified]

That's why changing the account password through any method other than the Accounts prefpane results in numerous dialogs asking for the "password for the keychain 'login.'" A user cannot unlock a keychain unless the password is known, even if blessed with Admin powers. That's also why the Master Password is so important for FileVault - without that, any time the account password is forgotten all data becomes totally inaccessible.

Keychain and FileVault are actually very secure if strong passwords are used.

[ Reply to This | # ]
You're correct, except not
Authored by: SOX on Jul 11, '06 09:53:07AM

I don't think you are correct. When I change my password on my computer or sometimes after I do a system software update, when I run a program than wants keychain access it pops up and says my keycahin password has changed do you want to update the key chain. I don't need to enter my password to do that (after what would I enter, my old one or my new one?). I just click okay. instant keychain access.

thus root should be able to do this.



[ Reply to This | # ]