[pkg-cryptsetup-devel] Bug#551540: cryptsetup fails when EUID != UID
Alasdair G Kergon
agk at redhat.com
Sun Oct 25 17:14:44 UTC 2009
On Sat, Oct 24, 2009 at 11:52:36PM +0200, Vincent Fourmond wrote:
> I'm unsure whether this should be attributed to cryptsetup or pmount:
> maybe simply setting the real user ID to root before launching
> cryptsetup would do the trick. In principle, the security risk is hardly
> greater with UID = root instead of only EUID = root, unless I'm very
> much mistaken.
I've not looked at any of this code so I have no idea how well
ring-fenced this environment is, but I would strongly advise against
setting uid = root without first performing a basic security audit of
the implications of that change. If the code currently explicitly
checks for uid != euid and refuses to run, at the very least find out
why before bypassing the check, and understand how many other security
checks such a change would also bypass and review them all too.
As an additional safeguard, attempt to get prior agreement from the
relevant upstream developers to minimise the risk of introducing
another Debian-only security bug.
Alasdair
More information about the pkg-cryptsetup-devel
mailing list