Generally agree, yet many TrueCrypt users live in countries that violate basic human rights - even few of our "well-known" N900 users. So, basically, option that compromise hidden volumes shouldn't be permitted.

Yet, in our case, it's impossible to hide TrueCrypt usage at all, so we need to only protect "hidden" volumes. They're bundled on "public knowledge" encrypted volumes, so proper sudoers shouldn't compromise them in any way.

If someone got an idea, why fixing sudo rules could reveal hidden volumes existence (*not* existence of volume at all), drop an info here. Otherwise, rules are going to be updated via woody's suggestion in next version (priority=low, as on N900 even some operations from pure user may be catastrophic, not to mention rootsh /gainroot installed by any sane device owner).
---

woody, idea with creating 3th device is great. Could You elaborate more on what parts exactly (of osso-usb-mass-storage-enable.sh) one need to edit and where?

Custom copy of osso-usb-mass-storage-enable.sh (lets call it tc-mass-storage), that would be used explicitly to add 3th encrypted volume, could be even better.

/Estel