How can user mount an encrypted file container in VeraCrypt?

permissions sudo users mount veracrypt

Solution 1:

Warning: Only use @Pawel Debski solution if agree the following:

  • Any user or hacker getting access to an user account in veracryptusers group can run any commands as root, by downloading a prepared container file containing malicious code running as root.

So using that solution you might consider to use a special user profile for veracrypt. As a result, sodo is easier to use.

Steps to test the security problem:

  1. Create a container file (ext2-4)
  2. Copy or create a binary file (e.g. whoami)
  3. Change binary owner to root
  4. Add setuid to the binary
  5. Call the binary with a non-root-user account

The binary will run with root privilege.

Hint: I added this solution as the warning at Pawel Debski is inconspicuously. The risk is much greater than the benefit as long as the system has an internet connection.

Related

Configure OpenSSH server and router to accept SSH connection over internet?
Truly share a folder with multiple users on a computer
Set ATI/AMD GPU Fan speed with MESA Driver
atheros wireless ar9285 driver
Turn Mousekeys on/off from keyboard
vgaswitcheroo not selecting discrete card
I somehow deleted my Desktop from nautilus places
Deja-dup repeatedly asks encryption password
TLP don't change CPU frequency
Ralink RT3290 bluetooth adapter is not working [full process]
How to downgrade back to 14.04 from 14.10 without live cd or usb drive?
How to Install OALD8 on Ubuntu 14.04 x64?