Hello,
Martin Orr wrote:
> reassign 551540 cryptsetup 2:1.1.0~rc2-1
> thanks
>
> It seems that "cryptsetup luksOpen" fails when EUID != UID. In
> particular, this happens when it is run by pmount which is suid (I
> assume that the reporters above ran pmount as non-root). If cryptsetup
> is run directly, then it works, because necessarily you become root
> before running cryptsetup; if I become root before running pmount, then
> also everything works.
Many thanks for fishing that out, I guess I would have had
difficulties finding out myself.
I'm unsure whether this should be attributed to cryptsetup or pmount:
maybe simply setting the real user ID to root before launching
cryptsetup would do the trick. In principle, the security risk is hardly
greater with UID = root instead of only EUID = root, unless I'm very
much mistaken.
I will prepare shortly an upload of pmount to experimental that fixes
this problem; I'll ping the bug then.
Cheers, and many thanks again !
Vincent
--
A guess is just a guess until you turn it into a pie chart.
Then it's an analysis.
-- Scott Adams
Vincent, not listening to anything for now
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]