You are here

PAF.tc - PortableApp TrueCrypt Wrapper Dev Test 6

9 posts / 0 new
Last post
mstinaff
Offline
Last seen: 14 years 9 months ago
Joined: 2006-10-01 10:58
PAF.tc - PortableApp TrueCrypt Wrapper Dev Test 6

Application: PAF.tc Wizard
Category: Privacy/Security
Description:
PAF.tc is a wrapper that will mount a TrueCrypt container file, launch a PortableApp from that mounted container, wait for the PortableApp to exit and then dismount the container file. PAF.tc is able to handle multiple instances and will only try to dismount after the last instance has exited. PAF.tc Wizard helps automate the setup of PAF.tc and integrates PAF.tc seamlessly into the Portable Apps Platform. PAF.tc Wizard and PAF.tc have the following requirements:

  • Admin rights and a portable copy of TrueCrypt
  • or

  • A locally installed copy of TrueCrypt

PAF.tc Wizard 1.0 Dev Test 6[329 KB download/392KB installed]
(MD5: 1C92E44DC0F4D492861CF3567796681D )

The format of PAF.tc.ini

[User Settings]
TrueCrypt Location=:\PortableApps\TC\TrueCrypt.exe
TrueCrypt Systray=false
TC Container=FooPortable.tc
Executable Path=:\FooPortableDirectory\FooPortable.exe
Executable Parameters= -z100
Dismount Delay=100
Storage Only=false

[Relaunch Tracking]
Drive Letter=Z
Mount Instances=0

PAF.tc.ini setting definitions (all settings are optional if default folder structure is used)

  • TrueCrypt Location: Location of TrueCrypt.exe traveler installation on Portable Apps drive (sans drive letter)
  • TrueCrypt Systray: if true TrueCrypt will be launched to the system tray. false by default.
  • TC Container: Name of the TrueCrypt container file in the \Data directory that contains the PortableApp
  • Executable Path: String that is appended to the mounted drive letter used to launch the encrypted app
  • Executable Parameters: String of parameters to append to the launch command of the Portable App.
  • Dismount Delay: Time in ms that PAF.tc waits after launched app exits before attempting to dismount the container.
  • Storage Only: if true The TrueCrypt container will be mounted as storage only and PAF.tc will wait until the TrueCrypt container is dismounted before reseting the mount count in the ini file (Executable Path and Parameters are ignored.) Subsequent launches of PAF.tc will present the option to dismount the drive. If declined an explorer window will be opened showing the drive. default is false
  • Drive Letter: Do not modify. Filled in by PAF.tc if not yet mounted. If is mounted then is used to locate where it is mounted.
  • Mount Instance: Do not modify. Filled in by PAF.tc to track how many instances of the encrypted app are running. PAF.tc will not dismount the container until the Mount Instances goes to zero

Release Notes:

Development Test 6 (2009-07-31):

  • Fix-- Code for finding an available drive letter was not reliable. This has been reworked in both PAF.tc and the wizard.
  • New-- If the execute command fails after the container has been mounted PAF.tc will present the option to launch in storage only mode.
  • New-- Tweaked some error messages and code comments

Development Test 5 (2009-07-27):

  • Fix-- Wizard now writes ini file with drive letter removed from truecrypt executable path. PAF.tc will now fill that in at run time.
  • Fix-- rewrite for dev test 4 introduced some bugs that caused the wizard to be unable to mount the container to copy in the Portable App. This has been fixed.

Development Test 4 (2009-07-24):

  • New-- Major rewrite of both PAF.tc and PAF.tc Wizard
  • New-- Beefed up error handling.
  • Fix-- PAF.tc and PAF.tc Wizard will properly defer to local TrueCrypt install when a local install is detected.

Development Test 3 (2009-07-12):

  • Fix-- PAF.tc Wizard now properly dismounts when done.
  • New-- PAF.tc Wizard now creates a placeholder file for the container file and launches TrueCrypt Format from that location. Step will be obsoleted when TrueCrypt Format allows commandline file creation

Development Test 2 (2009-07-12):

  • Added PAF.tc Wizard. Does most of the setup work for PAF.tc.
  • Will test for admin rights. If no admin rights, will look for a local install.

Development Test 1 (2009-06-26):

  • Initial Release

SAL-e
Offline
Last seen: 14 years 7 months ago
Joined: 2006-11-18 01:54
Using local copy of TC.

Hi,
I am using TC with my PortableApp installation, but it is done by "bat" scripts. It is very ugly solution. I like your approach better except the requirement for Admin Rights. I know that is because TC has to load a disk driver and it could be done only if the user has Admin rights. One workaround that I found for me is to have install TC on my laptop. That way the driver is loaded at start-up of the computer and TC don't need admin rights to mount my container. This workaround of course can have some problems. Most dangerous one is to have version mismatch between local install and the portable version. I have not tried, but I hope that TC will check for that and will quit before it causes any problem. So my question is: have you try to use your wrapper on computer with local install of TC?

mstinaff
Offline
Last seen: 14 years 9 months ago
Joined: 2006-10-01 10:58
Can use a local install now

I have set up PAF.tc to look for and use a local install of TrueCrypt if it is available and the user does not have admin rights. In this instance PAF.tc will open a messagebox showing the version of the local install and asking if it should be trusted. Haven't done much investigation into cross version usage but I will.

Thanks for the improvement idea.

Key ID: 0xDAE3095F
Fingerprint: 5D98 65D2 1844 21A5 76C1 F0F6 4BE6 D689 DAE3 095F

Jimbo
Offline
Last seen: 4 years 10 months ago
Joined: 2007-12-17 05:43
cross-version usage

I can answer that one, since I've tried a range of versions in the past (been using TC since 4.x series).

The exe that you run to mount or dismount a container must match the version of the drivers exactly.

That means that if there is a version installed, you have to run a TrueCrypt.exe of exactly the same version. i.e. if the one on your key is different, it will fail.

I would suggest that if you detect an installed copy, you should always use it, admin rights or no.

If the issue is a question of trust, well, if you don't / can't trust the administrator of the machine, you're screwed anyway, and a bogus tc.exe is the least of your worries.

mstinaff
Offline
Last seen: 14 years 9 months ago
Joined: 2006-10-01 10:58
Local install handling

True, if you don't trust the local install then you probably should reconsider even putting your thumb drive in. But there are friends and family I do trust, but may not have kept their TrueCrypt installs up to date. So upon detection of a local install I still present the option to use it or quit out, presumably to tell your friend/family that they really need to update their old software.

Thank you for the info, it prompted me to go download some old versions of TrueCrypt to test out local installs and differing versions.

Key ID: 0xDAE3095F
Fingerprint: 5D98 65D2 1844 21A5 76C1 F0F6 4BE6 D689 DAE3 095F

Faust
Offline
Last seen: 14 years 1 week ago
Joined: 2009-06-26 20:34
kill local service

I just run a bat that kills any local service in order to avoid conflicts.

Jimbo
Offline
Last seen: 4 years 10 months ago
Joined: 2007-12-17 05:43
Not a good solution

what happens if you kill the local service and there are already mounted containers?

Faust
Offline
Last seen: 14 years 1 week ago
Joined: 2009-06-26 20:34
heheh

Haven't bothered testing that -- I dismount all the containers before killing the service. Obviously this solution doesn't work if you need to access those containers, but it's a good solution if you privilege your portable container(s) over those on the host machine.

Jimbo
Offline
Last seen: 4 years 10 months ago
Joined: 2007-12-17 05:43
dangerous :)

Especially since one of the containers on the PC I'm sat at typing this is the system drive.

Killing the driver here would likely be disastrous...

I think I prefer the "use the local version" methodology.

Log in or register to post comments