--- Begin Message ---
Subject: |
Password security bugs in LUKS configuration during guided install |
Date: |
Mon, 13 May 2019 17:09:22 +0200 |
User-agent: |
Microsoft Office/14.0 (Windows NT 6.0; Microsoft Outlook 14.0.4760; Pro) |
Hey Guix
I've asked on IRC if those bugs were known but apparently no, so here
they are:
- during guided installation with LUKS encryption one is not able to
enter password longer then length of field;
- in the same field password is shown during typing (lets one see bug
above, characters typed after reaching length of field are simply
not recorded);
Field with conformation hides typed letters. Due to bug #1 I wasn't
able to check if it works properly.
--
sirmacik
PGP: 0xE0DC81D523891771
--- End Message ---
--- Begin Message ---
Subject: |
Re: bug#35716: Password security bugs in LUKS configuration during guided install |
Date: |
Tue, 14 May 2019 12:17:28 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) |
Hi sirmacik,
sirmacik <address@hidden> skribis:
> I've asked on IRC if those bugs were known but apparently no, so here
> they are:
>
> - during guided installation with LUKS encryption one is not able to
> enter password longer then length of field;
Good catch!
Commit ef250707d3303d58ae00fe8f461701e7fa788d8a fixes it for the
passphrase, the root password, and user passwords.
> - in the same field password is shown during typing (lets one see bug
> above, characters typed after reaching length of field are simply
> not recorded);
This has been addressed recently:
<https://issues.guix.info/issue/35540>.
Thanks for your report!
Ludo’.
--- End Message ---