> To send the password to losetup, the script puts it in the > command line: > echo "$PASS1" | losetup -e "$CIPHER" -p 0 "$LOOPDEV" "$UNDERLYING" > > Any user on the same box, can see the password using 'ps' so > i considere it as a hole. Maybe, yes. But since you claimed already that this is a _init_ script, and since swap isn't even turned on yet, the whole issue is irrelevant since nobody can have logged on yet. No network, no local gettys yet, just some shell asking for a password. That thing shouldn't be used in any other context, though. Thanks, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "You don't need eyes to see, | SuSE GmbH - Security Phone: // you need vision!" | Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless | - - - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
