On Sat, Oct 24, 2009 at 11:52:36PM +0200, Vincent Fourmond wrote: > I'm unsure whether this should be attributed to cryptsetup or pmount: > maybe simply setting the real user ID to root before launching > cryptsetup would do the trick. In principle, the security risk is hardly > greater with UID = root instead of only EUID = root, unless I'm very > much mistaken.
I've not looked at any of this code so I have no idea how well ring-fenced this environment is, but I would strongly advise against setting uid = root without first performing a basic security audit of the implications of that change. If the code currently explicitly checks for uid != euid and refuses to run, at the very least find out why before bypassing the check, and understand how many other security checks such a change would also bypass and review them all too. As an additional safeguard, attempt to get prior agreement from the relevant upstream developers to minimise the risk of introducing another Debian-only security bug. Alasdair -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
