On 10/22/2009 04:16 PM, Ludwig Nussel wrote: > There's no way to determine whether e.g. the keymap on the console is > the same as in X. Ie a key with umlauts added in an xterm may not be > usable during boot. So when using e.g. an encrypted root partition > users could lock themselves out. So I wonder whether a patch like > the following would be acceptable? > + "* Warning: Entering non-ASCII passwords\n" > + "* may not be possible on all systems.\n" > + "* Make sure you can unlock the volume in\n" > + "* the intended environment!\n"); Hi, I don't think this in good idea. Information that user entered non-ASCII character is useful for attacker, why display it to terminal? (That problem exist in all password entry dialogs - why cryptsetup should be special here?) This should be solved in environment before cryptsetup starts - set proper keymap (even during boot). IIRC Fedora support setting keymap in boot environment now, there were similar bug reports already:-) Also I expect that in future libcryptsetup will be used more (instead of wrapper over cryptsetup binary and the whole internal code for reading password will be moved to caller application which is then responsible for password from terminal reading stuff. Milan -- mbroz@xxxxxxxxxx _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
