[dm-crypt] [ANNOUNCE] cryptsetup 1.6.6
arno at wagner.name
Sat Aug 16 13:25:04 CEST 2014
On Sat, Aug 16, 2014 at 12:49:30 CEST, Milan Broz wrote:
> The stable cryptsetup 1.6.6 release is available at
> Cryptsetup API NOTE:
> The direct terminal handling for passphrase entry will be removed from
> libcryptsetup in next major version (application should handle it itself).
> It means that you have to always either provide password in buffer or set
> your own password callback function through crypt_set_password_callback().
> See API documentation (or libcryptsetup.h) for more info.
I think this is an excellent idea. Direct terminal handling is
not the job of a disk-encryption library. The way it is done
may also have quite a few details that are not readily obvious,
but can have security implications.
It may be a good idea to put the old way into the documentation
though and have some source-code fragment for it. If not too
long, I could use that as the start of a libcryptsetup section
in the FAQ or as the start of a libcryptsetup-specific FAQ.
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
A good decision is based on knowledge and not on numbers. - Plato
More information about the dm-crypt