[dm-crypt] Secret data from stdin
arno at wagner.name
Thu Aug 16 00:34:11 CEST 2012
On Wed, Aug 15, 2012 at 05:44:01PM +0200, Milan Broz wrote:
> On 08/15/2012 05:12 PM, Kent Yoder wrote:
> > Yep, I am out of date here. What do you think about a code change
> > that woudl print a big fat warning if non-ascii bytes are detected on
> > stdin? Not changing the behavior (we don't want to break people who
> > might be already doing this), but just a warning.
> No please.
> Anything what prints any information about passphrase to screen, log etc.
> is not acceptable, it provides info which should not be seen anywhere.
I agree. And in addition what non-ascii is has become fuzzy with
Unicode. The non-ascii and even potential newlines may be just what
the user wanted to be in there.
> I know that \n handling is problematic, but there is huge amount of
> scripts using this redirection. We cannot simply change it.
> (At least not for current CLI commands.)
I think it works reasonably well at this time and there is
ample warning in the man-page. If somebody insists on
shooting themselves in the foot, they will always find a
way to do so.
Maybe we could think about a '--give-lots-of-paranoid-warnings'
option some time in the future.
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
One of the painful things about our time is that those who feel certainty
are stupid, and those with any imagination and understanding are filled
with doubt and indecision. -- Bertrand Russell
More information about the dm-crypt