Re: two factor authentication with zuluCrypt
Just use it as shared library and use libcryptsetup.h, see for example
docs/examples in cryptsetup source tree. (Btw if you need more examples,
just tell me, we can add something there for reference.)
I looked at the example in the just released beta and i now understand the API and can work with it with no problems. My program now does interface with cryptsetup using only the library.
Just to clarify, just linking against the library and let link loader look up and load it at runtime poses no security issue to an suid program? The reason why i manually load the library at run time and pollute the code with all those pointers was to avoid security issues i couldnt think of.
Or better (but I think it is not good idea for GUI) - provide option
to link statically.
My program is divided into two parts, the GUI part(zuluCrypt) runs with normal user's privileges and calls the cli backend(zuluCrpt-cli) to actually do the work. The cli backend is the one that runs with suid bit set and interfaces with cryptsetup
You mentioned "cleaning up the code" with two examples, dynamically linking the library(will do that) and use proper "industry standard" tools for building and installation(will do that). Anything else that needs cleaning?
Thanks for taking your time to look into it.
dm-crypt mailing list