From mboxrd@z Thu Jan 1 00:00:00 1970 From: sirmacik Subject: bug#35716: Password security bugs in LUKS configuration during guided install Date: Mon, 13 May 2019 17:09:22 +0200 Message-ID: <20190513150922.GA30339@mail.freearts.agency> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Received: from eggs.gnu.org ([209.51.188.92]:48735) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hQCcW-0000xG-Ay for bug-guix@gnu.org; Mon, 13 May 2019 11:12:05 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hQCcV-0008Kz-C3 for bug-guix@gnu.org; Mon, 13 May 2019 11:12:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:60637) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hQCcV-0008Kr-8V for bug-guix@gnu.org; Mon, 13 May 2019 11:12:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hQCcV-0006rU-1P for bug-guix@gnu.org; Mon, 13 May 2019 11:12:03 -0400 Sender: "Debbugs-submit" Resent-Message-ID: Received: from eggs.gnu.org ([209.51.188.92]:48203) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hQCa8-0007zf-OY for bug-guix@gnu.org; Mon, 13 May 2019 11:09:37 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hQCa7-00062N-Sp for bug-guix@gnu.org; Mon, 13 May 2019 11:09:36 -0400 Received: from mail.freearts.agency ([51.68.137.137]:57486) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hQCa7-0005v4-CY for bug-guix@gnu.org; Mon, 13 May 2019 11:09:35 -0400 Received: from localhost (localhost [127.0.0.1]) (Authenticated sender: sirmacik@wioo.waw.pl) by mail.freearts.agency (Postcow) with ESMTPSA id B0A3840369 for ; Mon, 13 May 2019 17:09:23 +0200 (CEST) Content-Disposition: inline List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: 35716@debbugs.gnu.org Hey Guix I've asked on IRC if those bugs were known but apparently no, so here they are: - during guided installation with LUKS encryption one is not able to enter password longer then length of field; - in the same field password is shown during typing (lets one see bug above, characters typed after reaching length of field are simply not recorded); Field with conformation hides typed letters. Due to bug #1 I wasn't able to check if it works properly. -- sirmacik PGP: 0xE0DC81D523891771