-
Notifications
You must be signed in to change notification settings - Fork 96
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Volumes mounted by TrueCrypt are visible/accessible to other users #22
Comments
Did TrueCrypt make the folder it's mounting your volume on? |
/Volumes/ is the default mount point on mac os x. |
Ah, well I'm not sure about Mac (since I use Linux), but symbolic links are always like that on Linux, the permissions will always me limited to what it links to. For example, a folder with drwx------ can exist on /media/mountpoint, and i can do "ln -s /media/mountpoint /media/linktomountpoint" which will result in a link called /media/linktomountpoint with the permissions of lrwxrwxrwx, but if I access that from the user nobody (or just any user that doesn't own the original folder), it will give me permission denied as if I accessed the original folder. |
@GigabyteProductions The @rockihack As far as I can tell,
For what it's worth, the "@" character in the "drwxrwxrwx@" permission list indicates that the folder has an extended attribute in the file system (extended attributes are a Mac specific mechanism to attach metadata to a file). Here is the metadata in hex form:
I don't know why the volume has this ID, but it's correct that the volume has an MSDOS filesystem. |
Can you test to mount the volume with hdiutil? Please report if a mount point is created and what are the permissions?
|
Hm, I don't think that the command you want me to test will ever create a mount point - after all the command line includes the argument
(the German sub-message probably translates to "No such file or directory" or something similar)
I am not sure what the
With the current data from my test, though, the function passes |
Yes, I wasn't completely sure about the mount-point creation. The problem without decryption is that the volume container looks random to the os. Can you mount any other volume with hdiutil and compare the mount point permissions? |
I noticed that when I switch to a different user, the mount point permissions "magically" change to match the new user.
I do not know what sorcery this is. The result is the same if I use the GUI for the user switch, or if I do it on the command line via |
By default, unknown HFS filesystems on "external" devices (including disk images) mount with their owners ignored (mount -o noowners). When owners are ignored, the system dynamically substitutes the current rent user's identify for any owners recorded in the filesystem. When creating new files, a special UID and GID of _unknown are recorded on the disk. Even if a filesystem is later mounted with on-disk owners honored, files with stored UID or GID of _unknown will continue to substitute the current user's credentials any time the given file is accessed. The net result is that shared volumes behave as expected even when connected to systems where their on-disk owners are honored. On modern OS X systems, root (UID 0) can "see through" the _unknown user mappings. Thus see: PERMISSIONS VS. OWNERS |
So no sorcery then :-) thanks for the pointer. |
This is also a problem on Windows 8.1, using the last safe version of TrueCrypt. Devices mounted on user A are available to all other users. |
I think that's a Windows issue, though. I don't think Windows has a permissions system for drives themselves. You'd have to use a file system with a permission system, such as NTFS, and basically implement a whitelist with the ACL options. |
I am using NTFS formatted drives. |
Can other users access the volume when you have the permissions setup to only let you see? |
As far as I know all admins can access all mounted drives. |
Good idea. I made a new user without administrator rights but it can still see the mounted drives. |
Still an issue with MacOS 10.15.5 Catalina and VeraCrypt 1.24-Update4. |
On Mac OS X, when I mount a TrueCrypt volume from a file container while logged in as user A, I can then switch to another user B and view the mounted volume's content (e.g. in the Finder, or in a Terminal.app session). I believe this is a bug, as the content of the TrueCrypt volume should remain private to the user who mounted it. I don't know enough about the underlying issues to lay the blame on any one in particular (Mac OS X, TrueCrypt, FUSE?), but what I definitely can say is that I cannot trust my Mac to be left alone while a TrueCrypt volume is still mounted.
This is how my mounted volumes' mount points look like inside a Terminal.app session. As you can see, the TrueCrypt volume
PRIVATE
is mounted with permissions that make it wide open for any user to snoop around inside.What I would like to see here is that the
PRIVATE
volume has the same set of permissions as thedata
volume (which is a Samba network share mounted by Mac OS X). Ideally, the Finder should not display thePRIVATE
volume at all, but if it does, the user should not be able to access the volume's content.I am using TrueCrypt 7.1a on Mac OS X 10.9.4. The issue is not new, though, it already existed in previous versions of TrueCrypt; I don't recall the specific version I used then, but I submitted a problem report on the original TrueCrypt website in September 2009 - without getting any response.
I am aware that CipherShed has not made its initial rebranding release yet, so please forgive me for reporting this already. However, because CipherShed is based on the TrueCrypt 7.1a code base, I am quite confident that the issue will be present in your initial release as well.
The text was updated successfully, but these errors were encountered: