On Tue, 2009-05-05 at 13:00 +0300, Timo Juhani Lindfors wrote: > Gustavo Noronha <[email protected]> writes: > > Sounds good! Would you provide a patch to the manpage, explaining these > > issues? > > Would the attached patch do?
I think saying it's ineffective is a bit too much. It does block applications which are using a specific technique, so it's partially effective. But otherwise looks good to me. I'll have it applied with a minor modification: able to read the password by eavesdropping the X connection. However, this is ineffective against malicious applications that use ptrace() to capture the password. See http://bugs.debian.org/474024 for more info. Sounds good to you? -- Gustavo Noronha <[email protected]> Debian Project -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
