Gustavo Noronha <[email protected]> writes: > able to read the password by eavesdropping the X connection. However, > this is ineffective against malicious applications that use ptrace() to > capture the password. See http://bugs.debian.org/474024 for more info.
Doesn't this give the wrong impression? Somebody might disable ptrace from their system and think they are safe? In reality also ltrace (using LD_PRELOAD) can capture the password. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
