LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-27-2006, 06:19 AM   #1
edman007
Member
 
Registered: Sep 2003
Distribution: slackware-current
Posts: 175

Rep: Reputation: 30
crypto loop, and setuid thing to set it up


Hi, i'm trying to make an encrypted home directory for my laptop, and i would like to do the same for my swap (if possible), i'm also trying to find some source for a secure setuid wrapper to put my commands in (so far my searching just show a lot of "what not to do" wrappers), here is what i have

for my home directory, put these commands into a setuid wrapper to mount my home directory (its /home/edman007.plain as specified in /etc/passwd)

do you guys think i should put stuff here to check that the previous stuff went through first before executing the next command?
login-me
Code:
mount /dev/sdb1 /mnt/floppy
losetup -e aes -p 0 /dev/loop1 /home/edman007.img < /mnt/floppy/home
umount /dev/sdb1
mount /dev/loop1 /home/edman007.crypt
export HOME=/home/edman007.crypt
logout-me
Code:
umount /dev/loop1
losetup -d /dev/loop1
and for my swap (no setuid needed, i will just put it in the startup stuff), i want to know if this will work, i found a few things saying its ok, and some saying it won't work at all
Code:
dd if=/dev/random bs=1 count=32 | losetup -e aes -p 0 /dev/loop0 /dev/sda3
mkswap /dev/loop0
swapon /dev/loop0
and i would just let the shutdown stuff handle the swap closing as it (it does `swapoff -a`, but i don't know about the loop, i can add the delete the loop stuff if i find its needed)
 
Old 09-18-2006, 12:09 AM   #2
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 335Reputation: 335Reputation: 335Reputation: 335
Except for unmounting the loop device I expect that the scripts should be okay. The umount command should unmount the mount point, not the loop device, so it should be this:
Code:
umount /home/edman007.crypt
On the swap partition you can have the password/encryption key come from /dev/random.

Last edited by stress_junkie; 09-18-2006 at 12:12 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
crypto, "shred", ext3, and loop device expaand Linux - Security 8 06-26-2006 08:46 AM
IPsec transform-set, crypto-invalid input prozac Linux - Networking 3 05-25-2006 03:14 AM
How do set mplayer to loop by default? walterbyrd Linux - Software 3 07-24-2004 06:40 PM
newbie python question: doing more than one thing in a for loop SerfurJ Programming 1 03-18-2004 11:14 AM
Python - Set vars and loop over lines in file jnoller Programming 6 02-07-2004 11:32 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:51 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration