On 11/03/2009 11:08 AM, Ludwig Nussel wrote: >> I don't think this in good idea. Information that user entered non-ASCII >> character is useful for attacker, why display it to terminal? >> (That problem exist in all password entry dialogs - why cryptsetup should >> be special here?) > > It's only displayed if you add a new password. I doubt you usually > do that if someone's looking at your screen. He could just look at > your keyboard while you are typing as well then, right? :-) No. Output can be logged (installer debug output for example). If the warning is not there, I know that user have only ascii chars in password. Milan -- mbroz@xxxxxxxxxx _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
