From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20041002 Firefox/0.10.1 Description of problem: When I've locked the screen, I typically press the Escape key to stop the screensaver, and trigger the password entry/unlock screen dialog. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. lock the screen 2. watch the screensaver 3. press escape Actual Results: An asterisk is added to the password entry field; it appears that the escape character has been typed as the first character of my password Expected Results: Can the escape key ever be a valid password character? I don't believe so. I'd like to use it to simply get rid of the screensaver and get to the unlock screen dialog. Additional info:
The tab key also generate an asterisk when typed in this dialog; should it?
It's unclear to me what characters can be used in passwords. What characters does the "passwd" program accept? I think it depends on what your stty settings are... Does Gnome have a GUI for changing your password? If so, what characters does it accept?
What characters does gdm accept? It looks like it's using a regular GTKEntry widget to me, so it appears that we're already restricting passwords to those strings typable here. (can I type random unicode characters into the entry field?)
The only illegal characters a unix password can have are newline and nul. Note most gui programs are going to strip out random escape sequences, tabs, etc, and different console programs are going to interpret those types of characters differently, so users who do put funky characters in their passwords probably already have broken systems. I think it's pretty safe to assume unprintable characters are off limits (except space).
This should be fixed in tomorrow's rawhide
Created attachment 118321 [details] Ignore unprintable characters Hi Jamie, Above is the patch I commited to rawhide.