
Re: Bug#626641: cryptsetup: bug #587220 re-introduced



On Mon, 16 May 2011, Christoph Anton Mitterer wrote:
> With the most recent upload (and this is the very reason why I've reopened
> the bug), you can have the situation (package removed but not purged) where
> you say:
> /etc/init.d/cryptdisks stop
> and it gives you just $? = 0, as /lib/cryptsetup/cryptdisks.functions is
> gone.

A package is, as a general rule, not supposed to allow itself to be removed
with the initscript indicating a failure state in the first place.  There
are exceptions, but I cannot see why cryptsetup would be one.

> If you're someone who (seriously) wants to do disk encryption, then

Then you'd better know the real limits of the system you're using, and you'd
better know how to use it properly in the first place.

> Again, I hope that Jonas doesn't feel offended or so,... I just miss the
> strong sense of care that is required for security in many places.

You must be entirely out of your mind if you even GET that feeling using
Debian, or any other normal Linux distro.

OTOH, I seriously doubt Jonas will be offended by any of this :-)

> [0] And we shouldn't exclude "end users" without deeper knowledge from
> having a "secure as possible system" if they can get it "for free".

End users without training will screw it up _every_ _time_.  Or they will be
extremely easy prey to social engineering.  It amounts to the same thing.

You have to actually design a system to be impossible to be used insecurely
in the first place for it to even last for a small while in the hands of
someone without a clue.  Debian is not that system.  Nor is your PeeCee
something that could be turned into such a system through the operating
system only.

I tire of this thread.  There are apparently bugs in the initscripts, well,
if that's correct, just get them fixed.  Then, the package will not allow
itself to be removed with crypt disks still active in the first place.

It'd have to switch to 'restart only _after_ upgrades, but stop on removal'
logic, though.  And 'restart' will probably have to mean 'open any crypto
disks that are not currently open, close any that are not supposed to be
open anymore'.  Or maybe 'do nothing'.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
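
Added example, not part of the original message and not the cryptsetup package's own maintainer scripts: a sketch of the "stop on removal, restart only after upgrades" logic proposed above, with "restart" meaning reconciliation of configured against active mappings. The function names, the STOP_CMD override and the mapping names are assumptions made for illustration; the `remove`, `upgrade`, `failed-upgrade`, `deconfigure` and `configure` arguments are the ones dpkg passes to prerm and postinst.

```shell
#!/bin/sh
# Illustration only. STOP_CMD is a hypothetical override so the logic can
# be exercised without touching real mappings.

# prerm_action ARG: what prerm should do for the argument dpkg passes it.
prerm_action() {
    case "$1" in
        remove) echo stop ;;                               # stop on removal
        upgrade|failed-upgrade|deconfigure) echo none ;;   # keep disks open
        *) echo error ;;
    esac
}

# run_prerm ARG: return non-zero when the stop fails, so dpkg aborts the
# removal instead of leaving mappings active with the helper files gone.
run_prerm() {
    case "$(prerm_action "$1")" in
        stop) ${STOP_CMD:-/etc/init.d/cryptdisks stop} || return 1 ;;
        none) return 0 ;;
        *)    return 2 ;;
    esac
}

# postinst_action ARG OLDVERSION: restart only after an upgrade. Starting
# on a fresh install is an assumption, not something the message states.
postinst_action() {
    [ "$1" = configure ] || { echo none; return 0; }
    if [ -n "$2" ]; then echo restart; else echo start; fi
}

# reconcile "CONFIGURED" "ACTIVE": the actions a 'restart' would take.
# Opens what is configured but not open, closes what is open but no
# longer configured. Both arguments are space-separated mapping names.
reconcile() {
    for name in $1; do
        case " $2 " in *" $name "*) ;; *) echo "open $name" ;; esac
    done
    for name in $2; do
        case " $1 " in *" $name "*) ;; *) echo "close $name" ;; esac
    done
}
```

In a real prerm the entry point would be `run_prerm "$1"`, with the script's exit status taken from its return value.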

