[dm-crypt] Library to do a 'luksOpen' programatically

[dm-crypt] Library to do a 'luksOpen' programatically

[Miguel Ángel García Roig]

I'm trying to do a : 

# cryptsetup luksOpen /dev/hda2 root

using a library call or similar. I am not able to call cryptsetup
directly due to security reasons.

Is there any library to do this ? I have read about the
libcryptsetup library, but i can not found it in debian lenny.

Thnaks in advance.
  

Re: [dm-crypt] Library to do a 'luksOpen' programatically

[Milan Broz]

On 04/07/2010 11:12 AM, Miguel Ángel García Roig wrote:
> I'm trying to do a : 
> 
> # cryptsetup luksOpen /dev/hda2 root
> 
> using a library call or similar. I am not able to call cryptsetup
> directly due to security reasons.

Which security reasons?

> 
> Is there any library to do this ? I have read about the
> libcryptsetup library, but i can not found it in debian lenny.

You need cryptsetup 1.1.0, it is in Debian testing/unstable already.

Milan

Re: [dm-crypt] Library to do a 'luksOpen' programatically

[Miguel Ángel García Roig]

El mié, 07-04-2010 a las 11:54 +0200, Milan Broz escribió:
> On 04/07/2010 11:12 AM, Miguel Ángel García Roig wrote:
> > I'm trying to do a : 
> > 
> > # cryptsetup luksOpen /dev/hda2 root
> > 
> > using a library call or similar. I am not able to call cryptsetup
> > directly due to security reasons.
> 
> Which security reasons?

If i make a exec() calling the cryptsetup binary, if a user
connected to the machine can gain access to root account, he/she
could see the command, no ?

I haven't physical control to the machine, that's the main problem.
I have only access to the server for installation, and then i have to
send it to my client. 

> 
> > 
> > Is there any library to do this ? I have read about the
> > libcryptsetup library, but i can not found it in debian lenny.
> 
> You need cryptsetup 1.1.0, it is in Debian testing/unstable already.
> 
> Milan

Thanks, i'll try to update to testing.

Re: [dm-crypt] Library to do a 'luksOpen' programatically

[Milan Broz]

On 04/07/2010 12:05 PM, Miguel Ángel García Roig wrote:

> I haven't physical control to the machine, that's the main problem.

Then there are many others ways how a local attacker can break it anyway.

And if anyone have root account, he can see the encryption key when device
is active.

Milan

Re: [dm-crypt] Library to do a 'luksOpen' programatically

[Arno Wagner]

On Wed, Apr 07, 2010 at 12:05:43PM +0200, Miguel ?ngel Garc?a Roig wrote:
> El mi??, 07-04-2010 a las 11:54 +0200, Milan Broz escribi??:
> > On 04/07/2010 11:12 AM, Miguel ??ngel Garc??a Roig wrote:
> > > I'm trying to do a : 
> > > 
> > > # cryptsetup luksOpen /dev/hda2 root
> > > 
> > > using a library call or similar. I am not able to call cryptsetup
> > > directly due to security reasons.
> > 
> > Which security reasons?
> 
> If i make a exec() calling the cryptsetup binary, if a user
> connected to the machine can gain access to root account, he/she
> could see the command, no ?

Indeed. As he/she can see a full memory dump, access the kernel 
space, get the crypto-keys, etc. This is not a problem of using 
the command. It is a problem of a user getting root access. 
 
I think your security analysis is flawed.

> I haven't physical control to the machine, that's the main problem.

Why is that a problem?

> I have only access to the server for installation, and then i have to
> send it to my client. 

Still no reason to not use cryptsetup. The only reason I see
for using the library is convenience or integration, but 
security-wise the library is not better or worse than the 
stand-alone executable.

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier