Need password authentication when the user try to do "System Permanetly Decrypt" or "Create Rescue Disk"

[ghost]

If the attacker(your friend) is nearby your computer, he/she can click Veracrypt icon, select System and do "Permanetly Decrypt" within 30 seconds. Or, create a rescue disk ISO file, copy it to him/her USB stick and analyze offline in his/her NSA laboratory.

Veracrypt really need an authentication when the user try to do such actions.

[davidfoerster]

Restricting the access to

1. key material in the memory of running VeraCrypt process and
2. operations on unencrypted volumes that may subvert their encryption

sounds useful as it's relatively simple to implement would substantially increase the effort required by an attacker, as they would then need to extract the location of the key material from outside (through various process debugging facilities).

Though, as a rule of thumb you should not give (potential) attackers unsupervised access to your user session. Once you give someone unrestricted physical access to unencrypted data all bets are off. Lock your session and secure it with a reasonably secure key!

[andreas-becker]

I don't think this is a Veracrypt issue, therefore this can be closed @idrassi