Re: FreeBSD getpass "feature"

Philippe Regnauld (regnauld@DEEPO.PROSA.DK)
Wed, 25 Feb 1998 19:39:27 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Brian Macke: "Re: FreeBSD getpass "feature""
Previous message: kevingeo@CRUZIO.COM: "Quake 2 Linux 3.13 (and lower) allow users to read arbitrary files"
Maybe in reply to: GvS One: "FreeBSD getpass "feature""
Next in thread: Brian Macke: "Re: FreeBSD getpass "feature""

GvS One writes:
> Hi, netters!
>
> I just found some discouraging feature of the getpass(3) function,
> which affects the all programs which are using it: passwd, login, ...
> When you press ^C (send intr) at the password prompt, you... can enter
> then password visible (echoed). It does _not_ affect slogin/ssh
> package because it uses other password giving mechanism.

I always saw this as a "feature", just like s/key (at least on
FreeBSD) that would echo your pass on login if you typed return
on the first password prompt. Of course, echoing the password
should is strongly discouraged on a remote session, but then
again packet sniffing will catch you either way.

I thought it was quite handy on lossy/extremely slow links.

--
 -[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]-
     «Pluto placed his bad dog at the entrance of Hades to keep the dead
            IN and the living  OUT!  The archetypical corporate firewall?»
                      - S. Kelly Bootle, ("MYTHOLOGY", in Marutukku distrib)

Next message: Brian Macke: "Re: FreeBSD getpass "feature""
Previous message: kevingeo@CRUZIO.COM: "Quake 2 Linux 3.13 (and lower) allow users to read arbitrary files"
Maybe in reply to: GvS One: "FreeBSD getpass "feature""
Next in thread: Brian Macke: "Re: FreeBSD getpass "feature""