From mboxrd@z Thu Jan  1 00:00:00 1970
From: sirmacik <sirmacik@wioo.waw.pl>
Subject: bug#35716: Password security bugs in LUKS configuration during guided
	install
Date: Mon, 13 May 2019 17:09:22 +0200
Message-ID: <20190513150922.GA30339@mail.freearts.agency>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path: <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([209.51.188.92]:48735)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hQCcW-0000xG-Ay
	for bug-guix@gnu.org; Mon, 13 May 2019 11:12:05 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hQCcV-0008Kz-C3
	for bug-guix@gnu.org; Mon, 13 May 2019 11:12:04 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:60637)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1hQCcV-0008Kr-8V
	for bug-guix@gnu.org; Mon, 13 May 2019 11:12:03 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hQCcV-0006rU-1P
	for bug-guix@gnu.org; Mon, 13 May 2019 11:12:03 -0400
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-Message-ID: <handler.35716.B.155776031826348@debbugs.gnu.org>
Received: from eggs.gnu.org ([209.51.188.92]:48203)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <sirmacik@wioo.waw.pl>) id 1hQCa8-0007zf-OY
	for bug-guix@gnu.org; Mon, 13 May 2019 11:09:37 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <sirmacik@wioo.waw.pl>) id 1hQCa7-00062N-Sp
	for bug-guix@gnu.org; Mon, 13 May 2019 11:09:36 -0400
Received: from mail.freearts.agency ([51.68.137.137]:57486)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <sirmacik@wioo.waw.pl>)
	id 1hQCa7-0005v4-CY
	for bug-guix@gnu.org; Mon, 13 May 2019 11:09:35 -0400
Received: from localhost (localhost [127.0.0.1]) (Authenticated sender:
	sirmacik@wioo.waw.pl)
	by mail.freearts.agency (Postcow) with ESMTPSA id B0A3840369
	for <bug-guix@gnu.org>; Mon, 13 May 2019 17:09:23 +0200 (CEST)
Content-Disposition: inline
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-guix/>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
	<mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
To: 35716@debbugs.gnu.org

Hey Guix

I've asked on IRC if those bugs were known but apparently no, so here
they are:

- during guided installation with LUKS encryption one is not able to
  enter password longer then length of field;
- in the same field password is shown during typing (lets one see bug
  above, characters typed after reaching length of field are simply
  not recorded);

Field with conformation hides typed letters. Due to bug #1 I wasn't
able to check if it works properly.

--
sirmacik
PGP: 0xE0DC81D523891771