Bug 437499 - silently rejects certain encryption passphrases
Summary: silently rejects certain encryption passphrases
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: anaconda (Show other bugs)
(Show other bugs)
Version: rawhide
Hardware: All Linux
low
low
Target Milestone: ---
Assignee: David Lehman
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-03-14 16:22 UTC by Bill Nottingham
Modified: 2014-03-17 03:12 UTC (History)
1 user (show)

Fixed In Version: anaconda-11.4.0.53-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-03-18 16:11:38 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Bill Nottingham 2008-03-14 16:22:01 UTC
Description of problem:

Hit the spacebar eight times for your encryption passphrase. anaconda doesn't
throw an error, but appears to have rejected it.

Version-Release number of selected component (if applicable):

rawhide-20080314

Comment 1 Bill Nottingham 2008-03-14 17:20:02 UTC
It appears to be treating it as blank - any leading or trailing spaces on
passphrases are removed as well.

Comment 2 David Lehman 2008-03-14 17:32:42 UTC
I'm so used to stripping leading/trailing whitespace from input that I did it
for the passphrases as well. You think we should preserve it, I take it?

Comment 3 Bill Nottingham 2008-03-14 17:34:42 UTC
Not sure. Do we do it for passwords?

If nothing else, you may want to move the character count until after the strip.

Comment 4 David Lehman 2008-03-14 18:36:46 UTC
To my surprise we do not do any stripping of whitespace from the root password.
The more I think about it, the more I think we should not do any unrequested
modification of the passphrase. It's exactly the sort of thing that pisses me
off as a user.

While I'm at it, any thoughts on enforcing a limited character set like we do
for the password? (string.digits + string.ascii_letters + string.punctuation + "
") It  doesn't seem necessary to me, but I know nothing of such things.

Comment 5 Bill Nottingham 2008-03-14 18:44:18 UTC
Well, it would obviate some of the keymap issues if we did. Don't know it's 100%
*necessary*, though.

Comment 6 David Lehman 2008-03-18 16:11:38 UTC
Should be fixed in anaconda-11.4.0.53-1.


Note You need to log in before you can comment on or make changes to this bug.