Bug 719491

Summary: Passcode visible when typing using a Japanese Input Method in CSB6 (VPNgui & Network Manager)
Product: Red Hat Enterprise Linux 6 Reporter: gfujita
Component: gtk2Assignee: Benjamin Otte <otte>
Status: CLOSED WONTFIX QA Contact: Desktop QE <desktop-qa-list>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.0CC: legal.mafia96, rkhan, tpelka
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-12-06 11:16:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description gfujita 2011-07-07 02:26:48 UTC 
Description of problem:
Passcode visible when typing using a Japanese Input Method in CSB6  (VPNgui & Network Manager) when attempting to use the VPN


Version-Release number of selected component (if applicable):
redhat-internal-NetworkManager-vpnc-data-otp-3.5-0.el6.rhis.noarch
NetworkManager-0.8.1-9.el6.x86_64
NetworkManager-glib-0.8.1-9.el6.x86_64
NetworkManager-gnome-0.8.1-9.el6.x86_64
NetworkManager-vpnc-0.7.997-1.el6.rhis.x86_64
NetworkManager-openvpn-0.8.1-0.1.git20100609.el6.x86_64


How reproducible:

Steps to Reproduce:
1. Enable Japanese Input Method of your choice (anthy, scim, mozc)
2. Type the PIN (for VPN access)
3. If Japanese Input Method is turned on, you can easily see that the PIN is visible
  
Actual results:
The actual PIN code is visible

Expected results:
Those PINs should be only indicated as a * for each character. For example, if the PIN is 1234, it should only indicate **** instead.

Additional info:
Comment 2 RHEL Program Management 2011-10-07 16:00:07 UTC 
Since RHEL 6.2 External Beta has begun, and this bug remains
unresolved, it has been rejected as it is not proposed as
exception or blocker.

Red Hat invites you to ask your support representative to
propose this request, if appropriate and relevant, in the
next release of Red Hat Enterprise Linux.
Comment 3 Dan Williams 2013-02-19 18:09:13 UTC 
This must be a GTK bug, because nm-vpnc sets gtk_entry_set_visibility(FALSE) and only toggles visibility if the "Show Passwords" checkbox is changed.  It does also bind the "_o" mnemonic to the Show Passwords checkbox though, so maybe the IM method is triggering that somehow when the dialog is shown?  That would be a bug in the IM though.
Comment 6 RHEL Program Management 2013-10-14 05:16:23 UTC 
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 7 Jan Kurik 2017-12-06 11:16:29 UTC 
Red Hat Enterprise Linux 6 is in the Production 3 Phase. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available.

The official life cycle policy can be reviewed here:

http://redhat.com/rhel/lifecycle

This issue does not meet the inclusion criteria for the Production 3 Phase and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Note that a strong business justification will be required for re-evaluation. Red Hat Customer Support can be contacted via the Red Hat Customer Portal at the following URL:

https://access.redhat.com/