Volumes mounted by TrueCrypt are visible/accessible to other users

Posted on: Fri, 14 Sep 2012 17:12 By: patrick

On Mac OS X, when I mount a TrueCrypt volume from a file container while logged in as user A, I can then switch to another user B and view the mounted volume's content (e.g. in the Finder, or in a Terminal.app session). I believe this is a bug, as the content of the TrueCrypt volume should remain private. I don't know enough about the underlying issues to lay the blame on any one in particular (Mac OS X, TrueCrypt, FUSE?), but what I definitely can say is that I cannot trust my Mac to be left alone while a TrueCrypt volume is still mounted.

This is what my mounted volumes' mount points look like inside a Terminal.app session. As you can see, the TrueCrypt volume PRIVATE is mounted with permissions that make it wide open for any user to snoop around inside.

nargothrond:~ --> ls -l /Volumes/
total 184
drwxr-xr-x   1 patrick  staff   8192 12 Dez  2010 BOOTCAMP
lrwxr-xr-x   1 root     admin      1 29 Aug 21:17 Macintosh HD -> /
drwxrwxrwx   1 patrick  staff  16384 31 Dez  1979 PRIVATE
[...]

I reported this issue on the TrueCrypt website in September 2009. I never received a reply. Today I double-checked whether the problem is still there with the latest version of TrueCrypt (7.1a): Yes, it is! In case anyone wonders: I am using Mac OS X 10.6.8.
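The check made by eye in the `ls -l /Volumes/` listing above, as an added example that is not part of the original post or of TrueCrypt: shell functions that flag every mount point whose mode lets users other than the owner and group list or enter it. The function names are hypothetical, and only the classic mode bits are inspected (ACLs are not evaluated).

```shell
#!/bin/sh
# Added example: audit mount points for access granted to "other" users.
# Function names are illustrative; only POSIX mode bits are checked.

# mode_of DIR: print the 10-character mode string from `ls -ld`,
# e.g. drwxrwxrwx. Trailing '@', '+' or '.' markers are cut off.
mode_of() {
    ls -ld "$1" 2>/dev/null | cut -c1-10
}

# other_access DIR: print the permission triplet for "other" (chars 8-10).
other_access() {
    mode_of "$1" | cut -c8-10
}

# is_exposed DIR: succeed if "other" may list (r) or traverse (x/t) DIR.
is_exposed() {
    case "$(other_access "$1")" in
        r??|??x|??t) return 0 ;;
        *)           return 1 ;;
    esac
}

# audit_mounts [ROOT]: print "mode<TAB>path" for each exposed directory
# directly under ROOT (default /Volumes). Symlinks such as
# "Macintosh HD -> /" are skipped because they are not separate mounts.
audit_mounts() {
    root=${1:-/Volumes}
    for mp in "$root"/*; do
        [ -L "$mp" ] && continue
        [ -d "$mp" ] || continue
        if is_exposed "$mp"; then
            printf '%s\t%s\n' "$(mode_of "$mp")" "$mp"
        fi
    done
}

# When run as a script with an argument, audit that directory.
if [ "$#" -gt 0 ]; then
    audit_mounts "$1"
fi
```

Run against the listing in the post, this would report PRIVATE (drwxrwxrwx) and also BOOTCAMP (drwxr-xr-x), since both grant read and traverse access to other users.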


Same issue here... Maybe we should play with some scripts to automate the mounting and setting of permissions.


I was just testing this and noticed the same thing. I'm running 10.7.5 with TrueCrypt 7.1a. I definitely cannot leave a TrueCrypt volume mounted unattended.

How did you name your volume Private? Every TC volume I mount gets named NO NAME, even when I hit the options and try to select the mount point.

Flattr name
herzbube


In reply to by todd (not verified)

Todd,

Sorry for the late reply. I see what you mean, I just tried to create a new container with TrueCrypt 7.1a, and when mounted the volume inside indeed is named NO NAME. I don't recall that I ever did something special about the volume name PRIVATE - it simply reflects the name of the container file. I must assume that an earlier version of TrueCrypt (which I used to create the container) decided to take the volume name from the container file name.
