Dan Mashal wrote: > In the latest Fedora 19 Beta TC2 install after I got through the > initial steps of the install I started to setup my root password. > > To my surprise my password was shown in plain text instead of bullets. > > I believe that this is a major security risk and that this is a new UI > change going forward and this is not a bug. > > Do you think this is a good idea? Very very bad idea. > What if you are installing and someone is looking over your shoulder > and you don't know about this new "UI improvement"? Precisely. This will be a very unpleasant surprise to the experienced admin who knows that passwords are always obscured in password entry fields. I don't suppose there's a warning in big red letters? "BEWARE! YOUR ROOT PASSWORD WILL BE *VISIBLE*. MAKE SURE THAT NOBODY CAN SEE THE SCREEN!" The admin won't know about this misfeature until he looks up from the keyboard and sees the password being displayed in the clear, right? Always close the door and the blinds when installing operating systems? That's easier said than done in an open plan office. Björn Persson
Attachment:
signature.asc
Description: PGP signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
