Hello, Martin Orr wrote: > reassign 551540 cryptsetup 2:1.1.0~rc2-1 > thanks > > It seems that "cryptsetup luksOpen" fails when EUID != UID. In > particular, this happens when it is run by pmount which is suid (I > assume that the reporters above ran pmount as non-root). If cryptsetup > is run directly, then it works, because necessarily you become root > before running cryptsetup; if I become root before running pmount, then > also everything works.
Many thanks for fishing that out, I guess I would have had difficulties finding out myself. I'm unsure whether this should be attributed to cryptsetup or pmount: maybe simply setting the real user ID to root before launching cryptsetup would do the trick. In principle, the security risk is hardly greater with UID = root instead of only EUID = root, unless I'm very much mistaken. I will prepare shortly an upload of pmount to experimental that fixes this problem; I'll ping the bug then. Cheers, and many thanks again ! Vincent -- A guess is just a guess until you turn it into a pie chart. Then it's an analysis. -- Scott Adams Vincent, not listening to anything for now -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org