Allow a regular user to mount VeraCrypt volume without admin privileges
Clash Royale CLAN TAG#URR8PPP up vote
2
down vote
favorite
A regular user is unable to mount a VeraCrypt volume without first authenticating with an administrator password. According to the original TrueCrypt documentation, the workaround is to give the user sudo privileges on the veracrypt directory.
Edit visudo and add
USERNAME ALL = (root) NOPASSWD:/usr/bin/veracrypt
Source = Method 2 here
This is insecure and opens up doors for vulnerabilities at the root level.
Source: Is it secure to mount VeraCrypt without sudo password in this way | Security SE
How can a regular user safely mount a VeraCrypt container without needing the administrator password or having sudo privileges?
Or is it actually safe to add the above to visudo?
permissions mount sudo security veracrypt
edited May 16 at 19:56
Zanna
47.9k13117227
asked May 16 at 18:03
slatica
133
add a comment |Â
up vote
2
down vote
favorite
A regular user is unable to mount a VeraCrypt volume without first authenticating with an administrator password. According to the original TrueCrypt documentation, the workaround is to give the user sudo privileges on the veracrypt directory.
Edit visudo and add
USERNAME ALL = (root) NOPASSWD:/usr/bin/veracrypt
Source = Method 2 here
This is insecure and opens up doors for vulnerabilities at the root level.
Source: Is it secure to mount VeraCrypt without sudo password in this way | Security SE
How can a regular user safely mount a VeraCrypt container without needing the administrator password or having sudo privileges?
Or is it actually safe to add the above to visudo?
permissions mount sudo security veracrypt
edited May 16 at 19:56
Zanna
47.9k13117227
asked May 16 at 18:03
slatica
133
I don’t believe it’s possible to safely allow non-root users to mount veracrypt containers without changing the way that veracrypt mounts filesystems.
– Steve
May 17 at 4:27
I have not been able to find a solution. Files are secure in the Veracrypt container, but using the recommended procedure to allow users to mount the volume makes the entire device vulnerable. Seems to defeat the purpose. I'm determined to find a way to do this safely.
– slatica
Jul 29 at 15:29
add a comment |Â
up vote
2
down vote
favorite
up vote
2
down vote
favorite
A regular user is unable to mount a VeraCrypt volume without first authenticating with an administrator password. According to the original TrueCrypt documentation, the workaround is to give the user sudo privileges on the veracrypt directory.
Edit visudo and add
USERNAME ALL = (root) NOPASSWD:/usr/bin/veracrypt
Source = Method 2 here
This is insecure and opens up doors for vulnerabilities at the root level.
Source: Is it secure to mount VeraCrypt without sudo password in this way | Security SE
How can a regular user safely mount a VeraCrypt container without needing the administrator password or having sudo privileges?
Or is it actually safe to add the above to visudo?
permissions mount sudo security veracrypt
edited May 16 at 19:56
Zanna
47.9k13117227
asked May 16 at 18:03
slatica
133
A regular user is unable to mount a VeraCrypt volume without first authenticating with an administrator password. According to the original TrueCrypt documentation, the workaround is to give the user sudo privileges on the veracrypt directory.
Edit visudo and add
USERNAME ALL = (root) NOPASSWD:/usr/bin/veracrypt
Source = Method 2 here
This is insecure and opens up doors for vulnerabilities at the root level.
Source: Is it secure to mount VeraCrypt without sudo password in this way | Security SE
How can a regular user safely mount a VeraCrypt container without needing the administrator password or having sudo privileges?
Or is it actually safe to add the above to visudo?
permissions mount sudo security veracrypt
edited May 16 at 19:56
Zanna
47.9k13117227
asked May 16 at 18:03
slatica
133
edited May 16 at 19:56
Zanna
47.9k13117227
edited May 16 at 19:56
Zanna
47.9k13117227
edited May 16 at 19:56
Zanna
47.9k13117227
47.9k13117227
asked May 16 at 18:03
slatica
133
asked May 16 at 18:03
slatica
133
asked May 16 at 18:03
slatica
133
133
I don’t believe it’s possible to safely allow non-root users to mount veracrypt containers without changing the way that veracrypt mounts filesystems.
– Steve
May 17 at 4:27
I have not been able to find a solution. Files are secure in the Veracrypt container, but using the recommended procedure to allow users to mount the volume makes the entire device vulnerable. Seems to defeat the purpose. I'm determined to find a way to do this safely.
– slatica
Jul 29 at 15:29
add a comment |Â
I don’t believe it’s possible to safely allow non-root users to mount veracrypt containers without changing the way that veracrypt mounts filesystems.
– Steve
May 17 at 4:27
I have not been able to find a solution. Files are secure in the Veracrypt container, but using the recommended procedure to allow users to mount the volume makes the entire device vulnerable. Seems to defeat the purpose. I'm determined to find a way to do this safely.
– slatica
Jul 29 at 15:29
I don’t believe it’s possible to safely allow non-root users to mount veracrypt containers without changing the way that veracrypt mounts filesystems.
– Steve
May 17 at 4:27
I don’t believe it’s possible to safely allow non-root users to mount veracrypt containers without changing the way that veracrypt mounts filesystems.
– Steve
May 17 at 4:27
I have not been able to find a solution. Files are secure in the Veracrypt container, but using the recommended procedure to allow users to mount the volume makes the entire device vulnerable. Seems to defeat the purpose. I'm determined to find a way to do this safely.
– slatica
Jul 29 at 15:29
I have not been able to find a solution. Files are secure in the Veracrypt container, but using the recommended procedure to allow users to mount the volume makes the entire device vulnerable. Seems to defeat the purpose. I'm determined to find a way to do this safely.
– slatica
Jul 29 at 15:29
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1037073%2fallow-a-regular-user-to-mount-veracrypt-volume-without-admin-privileges%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
I don’t believe it’s possible to safely allow non-root users to mount veracrypt containers without changing the way that veracrypt mounts filesystems.
– Steve
May 17 at 4:27
I have not been able to find a solution. Files are secure in the Veracrypt container, but using the recommended procedure to allow users to mount the volume makes the entire device vulnerable. Seems to defeat the purpose. I'm determined to find a way to do this safely.
– slatica
Jul 29 at 15:29