diff options
59 files changed, 370 insertions, 6 deletions
diff --git a/Translations/Language.ar.xml b/Translations/Language.ar.xml index 6a357e37..8c69b867 100644 --- a/Translations/Language.ar.xml +++ b/Translations/Language.ar.xml @@ -1641,6 +1641,9 @@ <entry lang="ar" key="ERR_XTS_MASTERKEY_VULNERABLE">تحذير: مفتاح رئيسي للحجم عرضة لهجوم يهدد أمن البيانات.\n\nيرجى إنشاء حجم جديد ونقل البيانات إليه.</entry> <entry lang="ar" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">تحذير: المفتاح الرئيسي للنظام المشفر عرضة لهجوم يهدد أمن البيانات.\nيرجى فك تشفير قسم/محرك النظام ثم إعادة تشفيره.</entry> <entry lang="ar" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">تحذير: مفتاح رئيسي للحجم يحتوي على ثغرة أمنية.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.be.xml b/Translations/Language.be.xml index 9e7f28e4..da9294be 100644 --- a/Translations/Language.be.xml +++ b/Translations/Language.be.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.bg.xml b/Translations/Language.bg.xml index be7bb17e..a9a41253 100644 --- a/Translations/Language.bg.xml +++ b/Translations/Language.bg.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.ca.xml b/Translations/Language.ca.xml index 4a499187..c76a7e26 100644 --- a/Translations/Language.ca.xml +++ b/Translations/Language.ca.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.co.xml b/Translations/Language.co.xml index 0ca030ce..a20cfa07 100644 --- a/Translations/Language.co.xml +++ b/Translations/Language.co.xml @@ -1660,6 +1660,9 @@ Information about Corsican localization: <entry lang="co" key="ERR_XTS_MASTERKEY_VULNERABLE">AVERTIMENTU : A chjave principale di u vulume hè vulnerevule à un attaccu chì cumprumette à sicurità di i dati.\n\nCi vole à creà un vulume novu è trasferisceci i dati.</entry> <entry lang="co" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">AVERTIMENTU : A chjave principale di u sistema cifratu hè vulnerevule à un attaccu chì cumprumette à sicurità di i dati.\n\nCi vole à dicifrà a partizione o u lettore di u sistema eppò cifrallu torna.</entry> <entry lang="co" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">AVERTIMENTU : A chjave principale di u vulume hà una vulnerabilità di sicurità.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.cs.xml b/Translations/Language.cs.xml index 4792f4f5..d0bd3116 100644 --- a/Translations/Language.cs.xml +++ b/Translations/Language.cs.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.da.xml b/Translations/Language.da.xml index 30cf99ba..9739920c 100644 --- a/Translations/Language.da.xml +++ b/Translations/Language.da.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.de.xml b/Translations/Language.de.xml index 690088f8..f617e4ef 100644 --- a/Translations/Language.de.xml +++ b/Translations/Language.de.xml @@ -1644,6 +1644,9 @@ <entry lang="de" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNUNG: Der Hauptschlüssel des Volumes ist anfällig für einen Angriff, der die Datensicherheit gefährdet.\n\nBitte erstellen Sie ein neues Volume und übertragen Sie die Daten auf dieses.</entry> <entry lang="de" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNUNG: Der Hauptschlüssel des verschlüsselten Systems ist anfällig für einen Angriff, der die Datensicherheit gefährdet.\nBitte entschlüsseln Sie die Systempartition/das Laufwerk und verschlüsseln Sie es anschließend erneut.</entry> <entry lang="de" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNUNG: Der Hauptschlüssel des Volumes weist eine Sicherheitslücke auf.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <!-- XML-Schema --> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> diff --git a/Translations/Language.el.xml b/Translations/Language.el.xml index 640a79f5..4646b0e9 100644 --- a/Translations/Language.el.xml +++ b/Translations/Language.el.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.es.xml b/Translations/Language.es.xml index 42b97a62..ea226d6a 100644 --- a/Translations/Language.es.xml +++ b/Translations/Language.es.xml @@ -1641,6 +1641,9 @@ <entry lang="es" key="ERR_XTS_MASTERKEY_VULNERABLE">ADVERTENCIA: La clave maestra del volumen es vulnerable a un ataque que compromete la seguridad de los datos.\n\nCree un nuevo volumen y transfiera los datos a él.</entry> <entry lang="es" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">ADVERTENCIA: La clave maestra del sistema cifrado es vulnerable a un ataque que compromete la seguridad de los datos.\nDescifre la partición/unidad del sistema y luego vuelva a cifrarla.</entry> <entry lang="es" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">ADVERTENCIA: La clave maestra del volumen tiene una vulnerabilidad de seguridad.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.et.xml b/Translations/Language.et.xml index 5bc2bad6..d3d670eb 100644 --- a/Translations/Language.et.xml +++ b/Translations/Language.et.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.eu.xml b/Translations/Language.eu.xml index df09506f..4cfde49b 100644 --- a/Translations/Language.eu.xml +++ b/Translations/Language.eu.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.fa.xml b/Translations/Language.fa.xml index 207a264d..d5795bf1 100644 --- a/Translations/Language.fa.xml +++ b/Translations/Language.fa.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.fi.xml b/Translations/Language.fi.xml index 187f012d..6039d9fd 100644 --- a/Translations/Language.fi.xml +++ b/Translations/Language.fi.xml @@ -1641,6 +1641,9 @@ <entry lang="fi" key="ERR_XTS_MASTERKEY_VULNERABLE">VAROITUS: Taltion pääavain on haavoittuva hyökkäykselle joka vaarantaa tietojen turvallisuuden.\n\nLuo uusi taltio ja siirrä tiedot sille.</entry> <entry lang="fi" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">VAROITUS: Salatun järjestelmän pääavain on haavoittuva hyökkäykselle joka vaarantaa tietojen turvallisuuden.\nPura järjestelmäosion tai -levyn salaus ja salaa se uudelleen.</entry> <entry lang="fi" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">VAROITUS: Taltion pääavaimessa on tietoturvahaavoittuvuus.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.fr.xml b/Translations/Language.fr.xml index 5d2ce70a..2157f95e 100644 --- a/Translations/Language.fr.xml +++ b/Translations/Language.fr.xml @@ -1641,6 +1641,9 @@ <entry lang="fr" key="ERR_XTS_MASTERKEY_VULNERABLE">AVERTISSEMENT : La clé principale du volume est vulnérable à une attaque compromettant la sécurité des données.\n\nVeuillez créer un nouveau volume et y transférer les données.</entry> <entry lang="fr" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">AVERTISSEMENT : La clé principale du système chiffré est vulnérable à une attaque compromettant la sécurité des données.\nVeuillez déchiffrer la partition/le disque système puis le chiffrer à nouveau.</entry> <entry lang="fr" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">AVERTISSEMENT : La clé principale du volume présente une vulnérabilité de sécurité.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.he.xml b/Translations/Language.he.xml index 24f0e663..0b26dc8c 100644 --- a/Translations/Language.he.xml +++ b/Translations/Language.he.xml @@ -1642,6 +1642,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.hu.xml b/Translations/Language.hu.xml index 476df683..ea36372a 100644 --- a/Translations/Language.hu.xml +++ b/Translations/Language.hu.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.id.xml b/Translations/Language.id.xml index 3929f417..d21d091e 100644 --- a/Translations/Language.id.xml +++ b/Translations/Language.id.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.it.xml b/Translations/Language.it.xml index a6425617..19c8d13f 100644 --- a/Translations/Language.it.xml +++ b/Translations/Language.it.xml @@ -1641,6 +1641,9 @@ <entry lang="it" key="ERR_XTS_MASTERKEY_VULNERABLE">ATTENZIONE: La chiave master del volume è vulnerabile a un attacco che compromette la sicurezza dei dati.\n\nSi prega di creare un nuovo volume e trasferire i dati in esso.</entry> <entry lang="it" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">ATTENZIONE: La chiave master del sistema crittografato è vulnerabile a un attacco che compromette la sicurezza dei dati.\nSi prega di decrittografare la partizione/unità di sistema e poi ricrittografarla.</entry> <entry lang="it" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">ATTENZIONE: La chiave master del volume ha una vulnerabilità di sicurezza.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.ja.xml b/Translations/Language.ja.xml index 745d81a7..297f41bf 100644 --- a/Translations/Language.ja.xml +++ b/Translations/Language.ja.xml @@ -1641,6 +1641,9 @@ <entry lang="ja" key="ERR_XTS_MASTERKEY_VULNERABLE">警告: ボリュームのマスターキーがデータセキュリティを損なう攻撃に対して脆弱です。\n\n新しいボリュームを作成し、データを転送してください。</entry> <entry lang="ja" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">警告: 暗号化されたシステムのマスターキーは、データセキュリティを損なう攻撃に対して脆弱です。\nシステムパーティション/ドライブの暗号化を解除してから、再度暗号化してください。</entry> <entry lang="ja" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">警告: ボリュームのマスターキーにセキュリティの脆弱性があります。</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.ka.xml b/Translations/Language.ka.xml index ddba2385..8fa23e84 100644 --- a/Translations/Language.ka.xml +++ b/Translations/Language.ka.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.ko.xml b/Translations/Language.ko.xml index a245dd10..f9b58936 100644 --- a/Translations/Language.ko.xml +++ b/Translations/Language.ko.xml @@ -1641,6 +1641,9 @@ <entry lang="ko" key="ERR_XTS_MASTERKEY_VULNERABLE">경고: 볼륨의 마스터 키가 데이터 보안을 위협하는 공격에 취약합니다.\n\n새 볼륨을 생성하고 데이터를 해당 볼륨으로 옮기세요.</entry> <entry lang="ko" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">경고: 암호화된 시스템의 마스터 키가 데이터 보안을 위협하는 공격에 취약합니다.\n시스템 파티션/드라이브를 복호화한 후 다시 암호화하세요.</entry> <entry lang="ko" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">경고: 볼륨의 마스터 키에 보안 취약성이 있습니다.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.lv.xml b/Translations/Language.lv.xml index 41668649..149aa410 100644 --- a/Translations/Language.lv.xml +++ b/Translations/Language.lv.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.my.xml b/Translations/Language.my.xml index 4fa8b906..94901e57 100644 --- a/Translations/Language.my.xml +++ b/Translations/Language.my.xml @@ -1643,6 +1643,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" attributeFormDefault="unqualified" elementFormDefault="qualified"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.nb.xml b/Translations/Language.nb.xml index baabd476..a993a147 100644 --- a/Translations/Language.nb.xml +++ b/Translations/Language.nb.xml @@ -1641,6 +1641,9 @@ <entry lang="nb" key="ERR_XTS_MASTERKEY_VULNERABLE">ADVARSEL: Volumets hovednøkkel er sårbar for et angrep som kompromitterer datasikkerheten.\n\nVennligst opprett et nytt volum og overfør dataene til det.</entry> <entry lang="nb" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">ADVARSEL: Hovednøkkelen til det krypterte systemet er sårbar for et angrep som kompromitterer datasikkerheten.\nVennligst dekrypter systempartisjonen/-stasjonen og krypter den på nytt.</entry> <entry lang="nb" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">ADVARSEL: Volumets hovednøkkel har en sikkerhetssårbarhet.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.nl.xml b/Translations/Language.nl.xml index 5d238f55..3b88bd2f 100644 --- a/Translations/Language.nl.xml +++ b/Translations/Language.nl.xml @@ -1641,6 +1641,9 @@ <entry lang="nl" key="ERR_XTS_MASTERKEY_VULNERABLE">WAARSCHUWING: De hoofdsleutel van het volume is kwetsbaar voor een aanval die de gegevensbeveiliging in gevaar brengt.\n\nMaak een nieuw volume aan en zet de gegevens daarnaar over.</entry> <entry lang="nl" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WAARSCHUWING: De hoofdsleutel van het versleutelde systeem is kwetsbaar voor een aanval die de gegevensbeveiliging in gevaar brengt.\nOntsleutel de systeempartitie/-schijf en versleutel deze vervolgens opnieuw.</entry> <entry lang="nl" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WAARSCHUWING: De hoofdsleutel van het volume heeft een beveiligingslek.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" attributeFormDefault="unqualified" elementFormDefault="qualified"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.nn.xml b/Translations/Language.nn.xml index 758b9045..2895c9aa 100644 --- a/Translations/Language.nn.xml +++ b/Translations/Language.nn.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.pl.xml b/Translations/Language.pl.xml index 3b35ba15..80a073ec 100644 --- a/Translations/Language.pl.xml +++ b/Translations/Language.pl.xml @@ -1641,6 +1641,9 @@ <entry lang="pl" key="ERR_XTS_MASTERKEY_VULNERABLE">OSTRZEŻENIE: Klucz główny wolumenu jest podatny na atak, który zagraża bezpieczeństwu danych.\n\nUtwórz nowy wolumen i przenieś do niego dane.</entry> <entry lang="pl" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">OSTRZEŻENIE: Klucz główny zaszyfrowanego systemu jest podatny na atak, który zagraża bezpieczeństwu danych.\nOdszyfruj partycję/napęd systemowy, a następnie ponownie go zaszyfruj.</entry> <entry lang="pl" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">OSTRZEŻENIE: Klucz główny wolumenu ma lukę w zabezpieczeniach.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.pt-br.xml b/Translations/Language.pt-br.xml index 6111e464..04b72fd8 100644 --- a/Translations/Language.pt-br.xml +++ b/Translations/Language.pt-br.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.ro.xml b/Translations/Language.ro.xml index 8cfd724f..fea01855 100644 --- a/Translations/Language.ro.xml +++ b/Translations/Language.ro.xml @@ -1641,6 +1641,9 @@ <entry lang="ro" key="ERR_XTS_MASTERKEY_VULNERABLE">AVERTIZARE: Cheia principală a volumului este vulnerabilă la un atac care compromite securitatea datelor.\n\nTrebuie să creați un volum nou și să transferați datele pe acesta.</entry> <entry lang="ro" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">AVERTIZARE: Cheia principală a sistemului criptat este vulnerabilă la un atac care compromite securitatea datelor.\nDecriptați partiția/unitatea de sistem și apoi recriptați-o.</entry> <entry lang="ro" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">AVERTIZARE: Cheia principală a volumului are o vulnerabilitate de securitate.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.ru.xml b/Translations/Language.ru.xml index d8819174..46389aa6 100644 --- a/Translations/Language.ru.xml +++ b/Translations/Language.ru.xml @@ -1641,6 +1641,9 @@ <entry lang="ru" key="ERR_XTS_MASTERKEY_VULNERABLE">ВНИМАНИЕ: Мастер-ключ тома уязвим для атаки, которая ставит под угрозу безопасность данных.\n\nСоздайте новый том и перенесите в него данные.</entry> <entry lang="ru" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">ВНИМАНИЕ: Мастер-ключ зашифрованной системы уязвим для атаки, которая ставит под угрозу безопасность данных.\nРасшифруйте системный раздел/диск, а затем повторно зашифруйте его.</entry> <entry lang="ru" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">ВНИМАНИЕ: Мастер-ключ тома содержит уязвимость в системе безопасности.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.sk.xml b/Translations/Language.sk.xml index 047f8fa7..6ea323aa 100644 --- a/Translations/Language.sk.xml +++ b/Translations/Language.sk.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.sl.xml b/Translations/Language.sl.xml index 9d62c3f0..4d863a78 100644 --- a/Translations/Language.sl.xml +++ b/Translations/Language.sl.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.sv.xml b/Translations/Language.sv.xml index 096ebd77..6465f339 100644 --- a/Translations/Language.sv.xml +++ b/Translations/Language.sv.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">VARNING: Volymens huvudnyckel är sårbar för en attack som äventyrar datasäkerheten.\n\nSkapa en ny volym och överför data till den.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">VARNING: Det krypterade systemets huvudnyckel är sårbar för en attack som äventyrar datasäkerheten.\nDekryptera systempartitionen/enheten och kryptera den sedan igen.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">VARNING: Volymens huvudnyckel har en säkerhetssårbarhet.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.th.xml b/Translations/Language.th.xml index 4bd5b418..65a51b17 100644 --- a/Translations/Language.th.xml +++ b/Translations/Language.th.xml @@ -1642,6 +1642,9 @@ <entry lang="th" key="ERR_XTS_MASTERKEY_VULNERABLE">คำเตือน: คีย์หลักของปริมาณมีช่องโหว่ที่ทำให้ความปลอดภัยข้อมูลถูกสอบการโจมตี.\n\nกรุณาสร้างปริมาณใหม่และย้ายข้อมูลไปยังมัน.</entry> <entry lang="th" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">คำเตือน: คีย์หลักของระบบที่เข้ารหัสมีช่องโหว่ที่สอบการโจมตีที่ทำให้ความปลอดภัยข้อมูลถูกสอบการโจมตี.\nกรุณาถอดรหัสพาร์ติชัน/ไดรฟ์ระบบแล้วเข้ารหัสใหม่อีกครั้ง.</entry> <entry lang="th" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">คำเตือน: คีย์หลักของปริมาณมีช่องโหว่ด้านความปลอดภัย.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.tr.xml b/Translations/Language.tr.xml index 143d8f2f..a2a465fd 100644 --- a/Translations/Language.tr.xml +++ b/Translations/Language.tr.xml @@ -1641,6 +1641,9 @@ <entry lang="tr" key="ERR_XTS_MASTERKEY_VULNERABLE">UYARI: Birimin ana anahtarı, veri güvenliğini tehlikeye atan bir saldırıya karşı savunmasızdır.\n\nLütfen yeni bir birim oluşturun ve verileri ona aktarın.</entry> <entry lang="tr" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">UYARI: Şifrelenmiş sistemin ana anahtarı, veri güvenliğini tehlikeye atan bir saldırıya karşı savunmasızdır.\nLütfen sistem bölümünü/sürücüsünü şifresini çözün ve ardından tekrar şifreleyin.</entry> <entry lang="tr" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">UYARI: Birimin ana anahtarı bir güvenlik açığına sahiptir.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.uk.xml b/Translations/Language.uk.xml index 15f8fa84..cf5a9743 100644 --- a/Translations/Language.uk.xml +++ b/Translations/Language.uk.xml @@ -1641,6 +1641,9 @@ <entry lang="uk" key="ERR_XTS_MASTERKEY_VULNERABLE">ПОПЕРЕДЖЕННЯ: Головний ключ тому є вразливим до атаки, яка компрометує безпеку даних.\n\nБудь ласка, створіть новий том і перенесіть дані до нього.</entry> <entry lang="uk" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">ПОПЕРЕДЖЕННЯ: Головний ключ зашифрованої системи є вразливим до атаки, яка компрометує безпеку даних.\nБудь ласка, розшифруйте системний розділ/диск, а потім знову зашифруйте його.</entry> <entry lang="uk" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">ПОПЕРЕДЖЕННЯ: Головний ключ тому має уразливість безпеки.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.uz.xml b/Translations/Language.uz.xml index 2a12fd64..d09916a9 100644 --- a/Translations/Language.uz.xml +++ b/Translations/Language.uz.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.vi.xml b/Translations/Language.vi.xml index 29dd6427..91f7f6a7 100644 --- a/Translations/Language.vi.xml +++ b/Translations/Language.vi.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.zh-cn.xml b/Translations/Language.zh-cn.xml index de06f43b..a679cf97 100644 --- a/Translations/Language.zh-cn.xml +++ b/Translations/Language.zh-cn.xml @@ -1642,6 +1642,9 @@ <entry lang="zh-cn" key="ERR_XTS_MASTERKEY_VULNERABLE">警告:卷的主密钥容易受到危及数据安全性的攻击。\n\n请创建新的卷并将数据传输到其中。</entry> <entry lang="zh-cn" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">警告:加密系统的主密钥容易受到危及数据安全性的攻击。\n请解密系统分区/驱动器,然后重新加密。</entry> <entry lang="zh-cn" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">警告:卷的主密钥存在安全漏洞。</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.zh-hk.xml b/Translations/Language.zh-hk.xml index fb07dcae..267bb0e1 100644 --- a/Translations/Language.zh-hk.xml +++ b/Translations/Language.zh-hk.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/Translations/Language.zh-tw.xml b/Translations/Language.zh-tw.xml index 1c0dcad4..360bd9d2 100644 --- a/Translations/Language.zh-tw.xml +++ b/Translations/Language.zh-tw.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/src/Common/Language.xml b/src/Common/Language.xml index 9821bbe9..757cccc2 100644 --- a/src/Common/Language.xml +++ b/src/Common/Language.xml @@ -1641,6 +1641,9 @@ <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE">WARNING: The volume's master key is vulnerable to an attack that compromises data security.\n\nPlease create a new volume and transfer the data to it.</entry> <entry lang="en" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">WARNING: The encrypted system's master key is vulnerable to an attack that compromises data security.\nPlease decrypt the system partition/drive and then re-encrypt it.</entry> <entry lang="en" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">WARNING: The volume's master key has a security vulnerability.</entry> + <entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry> + <entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/src/Core/CoreBase.cpp b/src/Core/CoreBase.cpp index ed934a63..d2dbd6d7 100644 --- a/src/Core/CoreBase.cpp +++ b/src/Core/CoreBase.cpp @@ -23,6 +23,9 @@ namespace VeraCrypt #if defined(TC_LINUX ) || defined (TC_FREEBSD) , UseDummySudoPassword (false) #endif +#if defined(TC_UNIX) + ,AllowInsecureMount (false) +#endif { } diff --git a/src/Core/CoreBase.h b/src/Core/CoreBase.h index 07d0f881..e4ff0a94 100644 --- a/src/Core/CoreBase.h +++ b/src/Core/CoreBase.h @@ -80,6 +80,16 @@ namespace VeraCrypt virtual void ForceUseDummySudoPassword (bool useDummySudoPassword) { UseDummySudoPassword = useDummySudoPassword;} virtual bool GetUseDummySudoPassword () const { return UseDummySudoPassword;} +#if defined(TC_UNIX) + virtual bool IsProtectedSystemDirectory (const DirectoryPath &directory) const = 0; + virtual bool IsDirectoryOnUserPath(const DirectoryPath &directory) const = 0; + virtual void SetAllowInsecureMount (bool allowInsecureMount) { AllowInsecureMount = allowInsecureMount; } + virtual bool GetAllowInsecureMount () const { return AllowInsecureMount; } +#endif + + virtual void SetUserEnvPATH (const string &path) { UserEnvPATH = path; } + virtual string GetUserEnvPATH () const { return UserEnvPATH; } + Event VolumeDismountedEvent; Event VolumeMountedEvent; Event WarningEvent; @@ -89,8 +99,13 @@ namespace VeraCrypt bool DeviceChangeInProgress; FilePath ApplicationExecutablePath; + string UserEnvPATH; bool UseDummySudoPassword; +#if defined(TC_UNIX) + bool AllowInsecureMount; +#endif + private: CoreBase (const CoreBase &); CoreBase &operator= (const CoreBase &); diff --git a/src/Core/Unix/CoreService.cpp b/src/Core/Unix/CoreService.cpp index c2eb2bf0..712dbab4 100644 --- a/src/Core/Unix/CoreService.cpp +++ b/src/Core/Unix/CoreService.cpp @@ -99,6 +99,11 @@ namespace VeraCrypt { shared_ptr <CoreServiceRequest> request = Serializable::DeserializeNew <CoreServiceRequest> (inputStream); + // Update Core properties based on the received request + Core->SetUserEnvPATH (request->UserEnvPATH); + Core->ForceUseDummySudoPassword(request->UseDummySudoPassword); + Core->SetAllowInsecureMount(request->AllowInsecureMount); + try { // ExitRequest @@ -283,12 +288,17 @@ namespace VeraCrypt static Mutex mutex; ScopeLock lock (mutex); + // Copy Core properties to the request so that they can be transferred to the elevated process + request.ApplicationExecutablePath = Core->GetApplicationExecutablePath(); + request.UserEnvPATH = Core->GetUserEnvPATH(); + request.UseDummySudoPassword = Core->GetUseDummySudoPassword(); + request.AllowInsecureMount = Core->GetAllowInsecureMount(); + if (request.RequiresElevation()) { request.ElevateUserPrivileges = true; request.FastElevation = !ElevatedServiceAvailable; - request.ApplicationExecutablePath = Core->GetApplicationExecutablePath(); - + while (!ElevatedServiceAvailable) { // Test if the user has an active "sudo" session. diff --git a/src/Core/Unix/CoreServiceRequest.cpp b/src/Core/Unix/CoreServiceRequest.cpp index 900fbcc4..14e2ec28 100644 --- a/src/Core/Unix/CoreServiceRequest.cpp +++ b/src/Core/Unix/CoreServiceRequest.cpp @@ -23,6 +23,9 @@ namespace VeraCrypt ApplicationExecutablePath = sr.DeserializeWString ("ApplicationExecutablePath"); sr.Deserialize ("ElevateUserPrivileges", ElevateUserPrivileges); sr.Deserialize ("FastElevation", FastElevation); + sr.Deserialize ("UserEnvPATH", UserEnvPATH); + sr.Deserialize ("UseDummySudoPassword", UseDummySudoPassword); + sr.Deserialize ("AllowInsecureMount", AllowInsecureMount); } void CoreServiceRequest::Serialize (shared_ptr <Stream> stream) const @@ -33,6 +36,9 @@ namespace VeraCrypt sr.Serialize ("ApplicationExecutablePath", wstring (ApplicationExecutablePath)); sr.Serialize ("ElevateUserPrivileges", ElevateUserPrivileges); sr.Serialize ("FastElevation", FastElevation); + sr.Serialize ("UserEnvPATH", UserEnvPATH); + sr.Serialize ("UseDummySudoPassword", UseDummySudoPassword); + sr.Serialize ("AllowInsecureMount", AllowInsecureMount); } // CheckFilesystemRequest diff --git a/src/Core/Unix/CoreServiceRequest.h b/src/Core/Unix/CoreServiceRequest.h index c00a865d..77778ca2 100644 --- a/src/Core/Unix/CoreServiceRequest.h +++ b/src/Core/Unix/CoreServiceRequest.h @@ -20,7 +20,7 @@ namespace VeraCrypt { struct CoreServiceRequest : public Serializable { - CoreServiceRequest () : ElevateUserPrivileges (false), FastElevation (false) { } + CoreServiceRequest () : ElevateUserPrivileges (false), FastElevation (false), UseDummySudoPassword (false), AllowInsecureMount (false) { } TC_SERIALIZABLE (CoreServiceRequest); virtual bool RequiresElevation () const { return false; } @@ -29,6 +29,9 @@ namespace VeraCrypt FilePath ApplicationExecutablePath; bool ElevateUserPrivileges; bool FastElevation; + string UserEnvPATH; + bool UseDummySudoPassword; + bool AllowInsecureMount; }; struct CheckFilesystemRequest : CoreServiceRequest diff --git a/src/Core/Unix/CoreUnix.cpp b/src/Core/Unix/CoreUnix.cpp index f6827806..1f2d3125 100644 --- a/src/Core/Unix/CoreUnix.cpp +++ b/src/Core/Unix/CoreUnix.cpp @@ -596,6 +596,17 @@ namespace VeraCrypt if (IsVolumeMounted (*options.Path)) throw VolumeAlreadyMounted (SRC_POS); + if (options.MountPoint && !options.MountPoint->IsEmpty()) + { + // Reject if the mount point is a system directory + if (IsProtectedSystemDirectory(*options.MountPoint)) + throw MountPointBlocked (SRC_POS); + + // Reject if the mount point is in the user's PATH and the user has not explicitly allowed insecure mount points + if (!GetAllowInsecureMount() && IsDirectoryOnUserPath(*options.MountPoint)) + throw MountPointNotAllowed (SRC_POS); + } + Cipher::EnableHwSupport (!options.NoHardwareCrypto); shared_ptr <Volume> volume; @@ -828,4 +839,100 @@ namespace VeraCrypt s << GetDefaultMountPointPrefix() << slotNumber; return s.str(); } + + bool CoreUnix::IsProtectedSystemDirectory (const DirectoryPath &directory) const + { + static const char* systemDirs[] = { + "/usr", + "/bin", + "/sbin", + "/lib", +#ifdef TC_LINUX + "/lib32", + "/lib64", + "/libx32", +#endif + "/etc", + "/boot", + "/root", + "/proc", + "/sys", + "/dev", + NULL + }; + + // Resolve any symlinks in the path + string path(directory); + char* resolvedPathCStr = realpath(path.c_str(), NULL); + if (resolvedPathCStr) + { + path = resolvedPathCStr; + free(resolvedPathCStr); // Free the allocated memory + } + + // reject of the path is the root directory "/" + if (path == "/") + return true; + + // Check if resolved path matches any system directory + for (int i = 0; systemDirs[i] != NULL; ++i) + { + if (path == systemDirs[i] || path.find(string(systemDirs[i]) + "/") == 0) + return true; + } + + return false; + } + + bool CoreUnix::IsDirectoryOnUserPath(const DirectoryPath &directory) const + { + // Obtain the PATH environment variable + const char* pathEnv = UserEnvPATH.c_str(); + if (!pathEnv[0]) + return false; + + // Resolve the given directory + string dirPath(directory); + char* resolvedDir = realpath(dirPath.c_str(), NULL); + if (resolvedDir) + { + dirPath = resolvedDir; + free(resolvedDir); + } + + // Split PATH and compare each entry + stringstream ss(pathEnv); + string token; + while (getline(ss, token, ':')) + { + // remove any trailing slashes from the token + while (!token.empty() && token.back() == '/') + token.pop_back(); + + if (token.empty()) + continue; + + // check if the directory is the same as the entry or a subdirectory + if (dirPath == token || dirPath.find(token + "/") == 0) + return true; + + // handle the case where the PATH entry is a symlink + char* resolvedEntry = realpath(token.c_str(), NULL); + if (!resolvedEntry) + continue; // skip to the next entry since the path does not exist + + string entryPath(resolvedEntry); + free(resolvedEntry); + + // remove any trailing slashes from the token + while (!entryPath.empty() && entryPath.back() == '/') + entryPath.pop_back(); + + // perform check again if the resolved path is different from the original (symlink) + if (dirPath == entryPath || dirPath.find(entryPath + "/") == 0) + return true; + } + + return false; + } } diff --git a/src/Core/Unix/CoreUnix.h b/src/Core/Unix/CoreUnix.h index 0f1ab344..ae26bf0a 100644 --- a/src/Core/Unix/CoreUnix.h +++ b/src/Core/Unix/CoreUnix.h @@ -48,6 +48,8 @@ namespace VeraCrypt virtual void SetFileOwner (const FilesystemPath &path, const UserId &owner) const; virtual DirectoryPath SlotNumberToMountPoint (VolumeSlotNumber slotNumber) const; virtual void WipePasswordCache () const { throw NotApplicable (SRC_POS); } + virtual bool IsProtectedSystemDirectory (const DirectoryPath &directory) const; + virtual bool IsDirectoryOnUserPath(const DirectoryPath &directory) const; protected: virtual DevicePath AttachFileToLoopDevice (const FilePath &filePath, bool readOnly) const { throw NotApplicable (SRC_POS); } diff --git a/src/Main/CommandLineInterface.cpp b/src/Main/CommandLineInterface.cpp index f2f5e793..9994e450 100644 --- a/src/Main/CommandLineInterface.cpp +++ b/src/Main/CommandLineInterface.cpp @@ -33,6 +33,9 @@ namespace VeraCrypt ArgDisableFileSizeCheck (false), ArgUseLegacyPassword (false), ArgUseDummySudoPassword (false), +#if defined(TC_UNIX) + ArgAllowInsecureMount (false), + #endif StartBackgroundTask (false) { wxCmdLineParser parser; @@ -108,6 +111,9 @@ namespace VeraCrypt #if defined(TC_LINUX ) || defined (TC_FREEBSD) parser.AddSwitch (L"", L"use-dummy-sudo-password", _("Use dummy password in sudo to detect if it is already authenticated")); #endif +#if defined(TC_UNIX) + parser.AddSwitch (L"", L"allow-insecure-mount", _("Allow mounting volumes on mount points that are in the user's PATH")); +#endif wxString str; bool param1IsVolume = false; bool param1IsMountedVolumeSpec = false; @@ -376,6 +382,10 @@ namespace VeraCrypt ArgUseLegacyPassword = parser.Found (L"legacy-password-maxlength"); ArgUseDummySudoPassword = parser.Found (L"use-dummy-sudo-password"); +#if defined(TC_UNIX) + ArgAllowInsecureMount = parser.Found (L"allow-insecure-mount"); +#endif + #if !defined(TC_WINDOWS) && !defined(TC_MACOSX) if (parser.Found (L"fs-options", &str)) ArgMountOptions.FilesystemOptions = str; diff --git a/src/Main/CommandLineInterface.h b/src/Main/CommandLineInterface.h index bab1eb87..c255feb0 100644 --- a/src/Main/CommandLineInterface.h +++ b/src/Main/CommandLineInterface.h @@ -89,6 +89,10 @@ namespace VeraCrypt bool ArgUseLegacyPassword; bool ArgUseDummySudoPassword; +#if defined(TC_UNIX) + bool ArgAllowInsecureMount; +#endif + bool StartBackgroundTask; UserPreferences Preferences; diff --git a/src/Main/Forms/MountOptionsDialog.cpp b/src/Main/Forms/MountOptionsDialog.cpp index d9ffca6b..32b7ae57 100644 --- a/src/Main/Forms/MountOptionsDialog.cpp +++ b/src/Main/Forms/MountOptionsDialog.cpp @@ -34,6 +34,9 @@ namespace VeraCrypt , wxDefaultPosition, wxSize (-1,-1), wxDEFAULT_DIALOG_STYLE | wxRESIZE_BORDER #endif ), Options (options) +#ifdef TC_UNIX + , m_showRedBorder(false) +#endif { if (!title.empty()) this->SetTitle (title); @@ -42,6 +45,16 @@ namespace VeraCrypt else this->SetTitle (LangString["ENTER_TC_VOL_PASSWORD"]); +#ifdef TC_UNIX + if (Gui->InsecureMountAllowed()) + { + this->SetTitle (LangString["INSECURE_MODE"] + L" - " + this->GetTitle()); + m_showRedBorder = true; + Bind(wxEVT_PAINT, &MountOptionsDialog::OnPaint, this); + Bind(wxEVT_SIZE, &MountOptionsDialog::OnSize, this); + } +#endif + if (disableMountOptions) OptionsButton->Show (false); @@ -230,4 +243,27 @@ namespace VeraCrypt Layout(); MainSizer->Fit( this ); } + +#ifdef TC_UNIX + void MountOptionsDialog::OnPaint(wxPaintEvent& event) + { + wxPaintDC dc(this); + if (m_showRedBorder) + { + wxSize size = GetClientSize(); + wxPen pen(*wxRED, 3); // 3 pixels width + dc.SetPen(pen); + dc.SetBrush(*wxTRANSPARENT_BRUSH); + dc.DrawRectangle(0, 0, size.GetWidth(), size.GetHeight()); + } + event.Skip(); + } + + void MountOptionsDialog::OnSize(wxSizeEvent& event) + { + event.Skip(); + if (m_showRedBorder) + Refresh(); + } +#endif } diff --git a/src/Main/Forms/MountOptionsDialog.h b/src/Main/Forms/MountOptionsDialog.h index d0677820..b9bf38ea 100644 --- a/src/Main/Forms/MountOptionsDialog.h +++ b/src/Main/Forms/MountOptionsDialog.h @@ -40,7 +40,16 @@ namespace VeraCrypt void OnReadOnlyCheckBoxClick (wxCommandEvent& event) { UpdateDialog(); } void UpdateDialog (); +#ifdef TC_UNIX + // Used for displaying a red border around the dialog window when insecure mode is enabled + void OnPaint(wxPaintEvent& event); + void OnSize(wxSizeEvent& event); +#endif + MountOptions &Options; +#ifdef TC_UNIX + bool m_showRedBorder; +#endif wxString OptionsButtonLabel; VolumePasswordPanel *PasswordPanel; VolumePasswordPanel *ProtectionPasswordPanel; diff --git a/src/Main/Forms/WaitDialog.cpp b/src/Main/Forms/WaitDialog.cpp index f8180c1d..2489a17b 100644 --- a/src/Main/Forms/WaitDialog.cpp +++ b/src/Main/Forms/WaitDialog.cpp @@ -117,6 +117,9 @@ namespace VeraCrypt VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound); VC_CONVERT_EXCEPTION (EMVPANNotFound); + VC_CONVERT_EXCEPTION (MountPointBlocked); + VC_CONVERT_EXCEPTION (MountPointNotAllowed); + throw *ex; } } diff --git a/src/Main/GraphicUserInterface.cpp b/src/Main/GraphicUserInterface.cpp index a6ce2a0c..84daa1aa 100644 --- a/src/Main/GraphicUserInterface.cpp +++ b/src/Main/GraphicUserInterface.cpp @@ -1082,7 +1082,12 @@ namespace VeraCrypt #endif mMainFrame = new MainFrame (nullptr); - +#if defined(TC_UNIX) + if (CmdLine->ArgAllowInsecureMount) + { + mMainFrame->SetTitle (mMainFrame->GetTitle() + wxT(" ") + LangString["INSECURE_MODE"]); + } +#endif if (CmdLine->StartBackgroundTask) { UserPreferences prefs = GetPreferences (); diff --git a/src/Main/UserInterface.cpp b/src/Main/UserInterface.cpp index 5798cb31..8da77f5b 100644 --- a/src/Main/UserInterface.cpp +++ b/src/Main/UserInterface.cpp @@ -541,6 +541,9 @@ namespace VeraCrypt EX2MSG (HigherFuseVersionRequired, LangString["LINUX_EX2MSG_HIGHERFUSEVERSIONREQUIRED"]); #endif + EX2MSG (MountPointBlocked, LangString["MOUNTPOINT_BLOCKED"]); + EX2MSG (MountPointNotAllowed, LangString["MOUNTPOINT_NOTALLOWED"]); + #undef EX2MSG return L""; } @@ -560,6 +563,7 @@ namespace VeraCrypt SetPreferences (CmdLine->Preferences); Core->SetApplicationExecutablePath (Application::GetExecutablePath()); + Core->SetUserEnvPATH (getenv ("PATH")); if (!Preferences.NonInteractive) { @@ -572,6 +576,10 @@ namespace VeraCrypt Core->ForceUseDummySudoPassword (CmdLine->ArgUseDummySudoPassword); +#if defined(TC_UNIX) + Core->SetAllowInsecureMount (CmdLine->ArgAllowInsecureMount); +#endif + Core->WarningEvent.Connect (EventConnector <UserInterface> (this, &UserInterface::OnWarning)); Core->VolumeMountedEvent.Connect (EventConnector <UserInterface> (this, &UserInterface::OnVolumeMounted)); @@ -1646,6 +1654,13 @@ const FileManager fileManagers[] = { return sResult; } +#ifdef TC_UNIX + bool UserInterface::InsecureMountAllowed () const + { + return CmdLine->ArgAllowInsecureMount; + } +#endif + #define VC_CONVERT_EXCEPTION(NAME) if (dynamic_cast<NAME*> (ex)) throw (NAME&) *ex; void UserInterface::ThrowException (Exception* ex) @@ -1734,6 +1749,9 @@ const FileManager fileManagers[] = { VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound); VC_CONVERT_EXCEPTION (EMVPANNotFound); + VC_CONVERT_EXCEPTION (MountPointBlocked); + VC_CONVERT_EXCEPTION (MountPointNotAllowed); + throw *ex; } } diff --git a/src/Main/UserInterface.h b/src/Main/UserInterface.h index 0c742bc7..d04f0214 100644 --- a/src/Main/UserInterface.h +++ b/src/Main/UserInterface.h @@ -86,7 +86,9 @@ namespace VeraCrypt virtual wxDateTime VolumeTimeToDateTime (VolumeTime volumeTime) const { return wxDateTime ((time_t) (volumeTime / 1000ULL / 1000 / 10 - 134774ULL * 24 * 3600)); } virtual wxString VolumeTimeToString (VolumeTime volumeTime) const; virtual wxString VolumeTypeToString (VolumeType::Enum type, VolumeProtection::Enum protection) const; - +#ifdef TC_UNIX + virtual bool InsecureMountAllowed () const; +#endif Event PreferencesUpdatedEvent; struct BusyScope diff --git a/src/Platform/Exception.h b/src/Platform/Exception.h index 4f3838ea..a768bfda 100644 --- a/src/Platform/Exception.h +++ b/src/Platform/Exception.h @@ -96,7 +96,9 @@ namespace VeraCrypt TC_EXCEPTION (TestFailed); \ TC_EXCEPTION (TimeOut); \ TC_EXCEPTION (UnknownException); \ - TC_EXCEPTION (UserAbort) + TC_EXCEPTION (UserAbort); \ + TC_EXCEPTION (MountPointBlocked); \ + TC_EXCEPTION (MountPointNotAllowed) TC_EXCEPTION_SET; |