Package: util-linux Version: 2.12r-19etch1 Debian Version: etch Hi, i have noted this strange behavior while logging in linux console : let suppose the system is busy on heavy tasks and you try to login by insert <username>+<CR>+<password>+<CR> in a fast way (that is without waiting for "password:" prompt to be displayed), this results on clear password showed on console. To be more clear i attach a screenshoot rapresenting the screen of a virtual machine i tried to loggin on whit the account "root/root" ("<username>/<password>"). You can see the password ("root") clearly displayed before the "Password:" prompt. A this stage the password is only showed on the screen and not "buffered" because hitting the Enter Key results in a login failure -> must re-enter the password after "Password:" prompt showed up.
Think this is a security problem because clear password showed up. Regards, Andrea.
<<attachment: login-fail.png>>