[pkg-cryptsetup-devel] Bug#626641: cryptsetup: bug #587220 re-introduced

Christoph Anton Mitterer calestyo at scientia.net
Fri May 13 22:40:57 UTC 2011


btw:
I hope you see now, how easy it is that issues which can at least
potentially destroy the whole intention of cryptsetup (and are therefore
especially much worse than e.g. a bug that would just destroy all data on a
dm-crypt/luks volume,... well at least for any people who seriously know
about security and who really seriously want it).

That's also the reason why in many places (not just the openpgp key
scripts) I suggested to use much more detailed documentation and much more
checks.

If a note at the respective init-scripts would have placed, specifically
telling that checks are not wanted here, or better said, that failing with
some error [exit code] is wanted if cryptdisk.functions is gone,... the
re-introduction of that security hole could have been avoided.


And although this may seem like a "minor" issue,... it should really be
understood that such a minor issue could render the whole security system
completely unusable.


Chris.





More information about the pkg-cryptsetup-devel mailing list