On Wed, Apr 07, 2010 at 12:05:43PM +0200, Miguel ?ngel Garc?a Roig wrote: > El mi??, 07-04-2010 a las 11:54 +0200, Milan Broz escribi??: > > On 04/07/2010 11:12 AM, Miguel ??ngel Garc??a Roig wrote: > > > I'm trying to do a : > > > > > > # cryptsetup luksOpen /dev/hda2 root > > > > > > using a library call or similar. I am not able to call cryptsetup > > > directly due to security reasons. > > > > Which security reasons? > > If i make a exec() calling the cryptsetup binary, if a user > connected to the machine can gain access to root account, he/she > could see the command, no ? Indeed. As he/she can see a full memory dump, access the kernel space, get the crypto-keys, etc. This is not a problem of using the command. It is a problem of a user getting root access. I think your security analysis is flawed. > I haven't physical control to the machine, that's the main problem. Why is that a problem? > I have only access to the server for installation, and then i have to > send it to my client. Still no reason to not use cryptsetup. The only reason I see for using the library is convenience or integration, but security-wise the library is not better or worse than the stand-alone executable. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
