[dm-crypt] Library to do a 'luksOpen' programatically
Arno Wagner
arno at wagner.name
Wed Apr 7 13:01:26 CEST 2010
On Wed, Apr 07, 2010 at 12:05:43PM +0200, Miguel ?ngel Garc?a Roig wrote:
> El mi??, 07-04-2010 a las 11:54 +0200, Milan Broz escribi??:
> > On 04/07/2010 11:12 AM, Miguel ??ngel Garc??a Roig wrote:
> > > I'm trying to do a :
> > >
> > > # cryptsetup luksOpen /dev/hda2 root
> > >
> > > using a library call or similar. I am not able to call cryptsetup
> > > directly due to security reasons.
> >
> > Which security reasons?
>
> If i make a exec() calling the cryptsetup binary, if a user
> connected to the machine can gain access to root account, he/she
> could see the command, no ?
Indeed. As he/she can see a full memory dump, access the kernel
space, get the crypto-keys, etc. This is not a problem of using
the command. It is a problem of a user getting root access.
I think your security analysis is flawed.
> I haven't physical control to the machine, that's the main problem.
Why is that a problem?
> I have only access to the server for installation, and then i have to
> send it to my client.
Still no reason to not use cryptsetup. The only reason I see
for using the library is convenience or integration, but
security-wise the library is not better or worse than the
stand-alone executable.
Arno
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
More information about the dm-crypt
mailing list