I've done some tests here without success.
I think that this is an issue with usplash, since it's the one in charge
of presenting the prompt and reading from keyboard.
Anyway... I can't think of an example of how some attacker might use it.
I'm not sure if Ubuntu should use it anyway, but, for m
Thanks for your patch! From now on, I can confirm that your patch works.
However, I can still reproduce an important security issue described in
bug 62751 when entering the password through usplash (password is echoed
in plain text in the console).
We should be 100% sure that this security flaw do
I've written a patch to one of cryptsetup package scripts so it uses
usplash to ask the password.
The file: /lib/cryptsetup/cryptdisks.functions
The patch is attached. Try it out please. It's working here.
** Changed in: cryptsetup (Ubuntu)
Sourcepackagename: usplash => cryptsetup
** Attachment
Oh, I'm also attaching the complete script for the ones that doesn't
know how to patch a file.
File: /lib/cryptsetup/cryptdisks.functions
** Attachment added: "cryptdisks.functions"
http://launchpadlibrarian.net/15877418/cryptdisks.functions
** Changed in: cryptsetup (Ubuntu)
Status: C
** Changed in: usplash (Ubuntu)
Importance: Wishlist => Low
--
[gutsy] "Enter passphrase" for LUKS/cryptsetup breaks usplash
https://bugs.launchpad.net/bugs/139363
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailin
Updated hardy beta 1, this bug still exist. Since usplash now show fsck
verifications in graphic mode, I'm pretty sure that it can be updated to
do the same with cryptsetup.
--
[gutsy] "Enter passphrase" for LUKS/cryptsetup breaks usplash
https://bugs.launchpad.net/bugs/139363
You received this b
I have another configuration now, so I cannot test hardy's usplash.
There have been added several new "dialogs" in usplash i.e. when testing a
device for errors. Maybe there is also a new "dialog", when another encrypted
partiton than root needs a password. Is somebody able to test this easily?
** Changed in: usplash (Ubuntu)
Importance: Undecided => Wishlist
Status: New => Confirmed
--
[gutsy] "Enter passphrase" for LUKS/cryptsetup breaks usplash
https://bugs.launchpad.net/bugs/139363
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug
This is probably due to the fact that usplash will only unlock the root
partition. The boot process continues and the second partition is
mounted by cryptsetup during the init.d boot sequence, so it's displayed
in console mode and remove usplash. I don't know if this can be fixed
easily.
Should th
