[dm-crypt] Secret data from stdin

Arno Wagner arno at wagner.name
Thu Aug 16 00:34:11 CEST 2012


On Wed, Aug 15, 2012 at 05:44:01PM +0200, Milan Broz wrote:
> On 08/15/2012 05:12 PM, Kent Yoder wrote:
> 
> >   Yep, I am out of date here.  What do you think about a code change
> > that woudl print a big fat warning if non-ascii bytes are detected on
> > stdin?  Not changing the behavior (we don't want to break people who
> > might be already doing this), but just a warning.
> 
> No please.
> Anything what prints any information about passphrase to screen, log etc.
> is not acceptable, it provides info which should not be seen anywhere.

I agree. And in addition what non-ascii is has become fuzzy with
Unicode. The non-ascii and even potential newlines may be just what
the user wanted to be in there.
 
> I know that \n handling is problematic, but there is huge amount of
> scripts using this redirection. We cannot simply change it.
> (At least not for current CLI commands.)

I think it works reasonably well at this time and there is
ample warning in the man-page. If somebody insists on
shooting themselves in the foot, they will always find a 
way to do so.

Maybe we could think about a '--give-lots-of-paranoid-warnings'
option some time in the future. 

Arno
-- 
Arno Wagner,    Dr. sc. techn., Dipl. Inform.,   Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
One of the painful things about our time is that those who feel certainty 
are stupid, and those with any imagination and understanding are filled 
with doubt and indecision. -- Bertrand Russell 


More information about the dm-crypt mailing list