__/ [ Gubo Dangle ] on Saturday 12 August 2006 03:11 \__
> Hadron Quark formulated on Saturday :
>> OK. Heres a question.
>>
>> We all love the GNUs/KDE/Gnome/mishmash of our choice sat on top of the
>> Linux Kernal.
>>
>> Q: Why does Gnome let you hit "delete/backspace" when entering a
>> password yet the sudo command in bash counts it as a legitimate password
>> try?
>>
>> Over to us all to discuss it.
>>
>> (Oh, and Kier, please dont say "choice").
>
> You haven't got your keyboard configured correctly. Gome's/KDE/X all
> handle keyboards through their own means. bash does it for itself too.
>
> Stupid, but that's Linux for you....
Actually, it's more about inconvenience than it is about
security (as the subject line arguably suggests). One ought
to argue that Windows XP is less secure because the login
screen diplays dots for each character entered. In GNOME
(e.g. Ubuntu), I believe this is the default behaviour as
well. With KDE, there's an option: no indicators, 1 star for
each character, or 3 stars per character entered, IIRC. In
the third case (the one I stick to), this makes the number
of characters entered harder to count. If someone looks over
your shoulder, then perhaps listening to the taps would deem
reasonable. This still won't compensate for faking strokes
and backspacing though. Invisibility is the best option.
Keyboard issues in bash seem to suggest that the
distribution is badly configured or semi-baked. I doubt
Ubuntu will have this problem 'out of the box', unless
something went awry in the configuration stage.
Best wishes,
Roy
|
|