Comment 1 for bug 247421

Dustin Kirkland (kirkland) wrote:

I absolutely want to support translations of the "Private" directory name, and it's definitely on my agenda.

This is a little bit complex at the moment. I have painstakingly created a setuid binary, mount.encrypted_private, that allows non-privileged users to mount their encrypted private directory. In order to pass the multiple levels of audits required to enable such a powerful setuid utility, I had to hardcode a couple of things.

Namely, the algorithm (aes), the key bytes (16), and the directory names ($HOME/.Private and $HOME/Private). My intention is to make each of these 3 parameters configurable by the system administrator in a /etc/ecryptfs.conf (perm 644) file. The key is that we cannot allow the user to arbitrarily choose the name of the directory in order to prevent a multitude of vulnerabilities.

:-Dustin