eternaltyro / cryptsetup

Since Google code is shuttering...
http://code.google.com/p/cryptsetup
GNU General Public License v2.0

[Improvement] cryptsetup as non-root #218

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
It's impossible to open a file owned by a user with that user.

It should be possible to give cryptsetup a suid bit. cryptsetup should check if 
the user is allowed to read/write the file/device and execute the command 
(similar to mount).

In case of luksOpen/create it should create the mapper-device with the 
same owner/group/permissions as the file/device.

What version of the product are you using? On what operating system?
cryptsetup 1.4.3, Debian 7.4

Original issue reported on code.google.com by f.wa...@googlemail.com on 4 Jun 2014 at 1:50

GoogleCodeExporter commented 9 years ago
It is not so easy unfortunately.

The suid bit is not a solution; it is too dangerous and in principle allows very 
nasty operations. The code is not written to allow suid and I think there are 
better approaches.

The requirement for a user to map their own devices is in principle blocked by these 
things:

- device-mapper subsystem support (it requires root to operate). There were 
ideas to implement "user private" devices but they never reached upstream.

- LUKS requires temporary dmcrypt devices when working with keyslots (thus 
limited by the previous item even in header operations). I have already implemented 
an alternative approach (in git, not yet in a release), so manipulating the LUKS 
header on a device will require only user access to the device (similar to Truecrypt 
format support).

So the only operations which require root are activation/deactivation and suspend.

There are some alternatives which use suid (see the cryptmount project) but I do 
not think this is the proper way.

Usually distros use udisks2 or a similar daemon to mount LUKS for the user and I 
think it works pretty reliably.

I would prefer that device-mapper subsystem allows "user" devices (see also 
Issue#208), then you can just map your device (all checks will be based on 
device access rights by default). 

So sorry, I am not going to support suid bit in cryptsetup.

Original comment by gmazyl...@gmail.com on 8 Jun 2014 at 4:05