Currently Being ModeratedMay 6, 2012 5:23 PM (in response to tarwinator)
Currently Being ModeratedMay 7, 2012 1:34 AM (in response to tarwinator)
I'm not sure if I can support the assumption that this is an error in filevault.
I've just tried logging in as an network user in an newly setup and updated Lion VM (VMware Fusion) and run into the same behavior. Filevault was never active on this system.
Can someone with the following environment please verify:
- OpenDirectory users with Network Home on AFP
- Lion (10.7.3) Clients
- Snow Leopard or Lion Server
- Setup a new machine, or use one that never had filevault enabled
- Login as a (unprivileged!) network user with a Network Home on an AFP share
- logout, login as an admin user
- Check "Console" for log messages containing the string "_premountHomedir"
Please help to get to the bottom of this!
Currently Being ModeratedMay 7, 2012 11:57 AM (in response to tarwinator)
The proper place to report this and other issues is at http://bugreport.apple.com/ where they do get looked at quite quickly. As is pointed out in multiple locations, the forums are NOT monitored for feedback or bug reports.
Currently Being ModeratedMay 10, 2012 12:13 AM (in response to Patrick Stadelmann)
Currently Being ModeratedMay 10, 2012 12:21 AM (in response to MadMacs0)
The problem was never in FileVault but in Login Window. This is from http://support.apple.com/kb/HT5281
Available for: OS X Lion v10.7.3, OS X Lion Server v10.7.3
Impact: Remote admins and persons with physical access to the system may obtain account information
Description: An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. The sensitive information may persist in saved logs after installation of this update. This issue only affects systems running OS X Lion v10.7.3 with users of Legacy File Vault and/or networked home directories. See http://support.apple.com/kb/TS4272for more information about how to securely remove any remaining records.
CVE-2012-0652 : Terry Reeves and Tim Winningham of the Ohio State University, Markus 'Jaroneko' Räty of the Finnish Academy of Fine Arts, Jaakko Pero of Aalto University, Mark Cohen of Oregon State University, Paul Nelson
More Like This
- Retrieving data ...
- This solved my question - 10 points
- This helped me - 5 points