[pkg-cryptsetup-devel] Bug#551540: cryptsetup fails when EUID != UID
Vincent Fourmond
fourmond at gmail.com
Sat Oct 24 21:52:36 UTC 2009
Hello,
Martin Orr wrote:
> reassign 551540 cryptsetup 2:1.1.0~rc2-1
> thanks
>
> It seems that "cryptsetup luksOpen" fails when EUID != UID. In
> particular, this happens when it is run by pmount which is suid (I
> assume that the reporters above ran pmount as non-root). If cryptsetup
> is run directly, then it works, because necessarily you become root
> before running cryptsetup; if I become root before running pmount, then
> also everything works.
Many thanks for fishing that out, I guess I would have had
difficulties finding out myself.
I'm unsure whether this should be attributed to cryptsetup or pmount:
maybe simply setting the real user ID to root before launching
cryptsetup would do the trick. In principle, the security risk is hardly
greater with UID = root instead of only EUID = root, unless I'm very
much mistaken.
I will prepare shortly an upload of pmount to experimental that fixes
this problem; I'll ping the bug then.
Cheers, and many thanks again !
Vincent
--
A guess is just a guess until you turn it into a pie chart.
Then it's an analysis.
-- Scott Adams
Vincent, not listening to anything for now
More information about the pkg-cryptsetup-devel
mailing list