Package: xdm Version: 1:1.1.8-3 Severity: important
Lenny's xdm does not show the password input field initially, it is only displayed after the user enters "Return". This disables tab-switching, which is bad: For a typical login typing sequence username <TAB> password <RETURN> the password will apper in cleartext in the username box. Should anyone look over one's shoulder, this is a security problem. The login sequence given above is very customary, since e.g. Windows requires a tab key to switch between the fields in the login mask. Claus -- Claus Fischer <[EMAIL PROTECTED]> http://www.clausfischer.com/
signature.asc
Description: Digital signature
