From: Arno Wagner
Date: Thu, 16 Aug 2012 00:34:11 +0200
Subject: Re: [dm-crypt] Secret data from stdin
To: dm-crypt@saout.de

On Wed, Aug 15, 2012 at 05:44:01PM +0200, Milan Broz wrote:
> On 08/15/2012 05:12 PM, Kent Yoder wrote:
>
> > Yep, I am out of date here. What do you think about a code change
> > that would print a big fat warning if non-ascii bytes are detected on
> > stdin? Not changing the behavior (we don't want to break people who
> > might be already doing this), but just a warning.
>
> No please.
> Anything that prints any information about passphrase to screen, log etc.
> is not acceptable, it provides info which should not be seen anywhere.

I agree. And in addition what non-ascii is has become fuzzy
with Unicode. The non-ascii and even potential newlines may be
just what the user wanted to be in there.

> I know that \n handling is problematic, but there is a huge amount of
> scripts using this redirection. We cannot simply change it.
> (At least not for current CLI commands.)
I think it works reasonably well at this time and there is
ample warning in the man-page. If somebody insists on shooting
themselves in the foot, they will always find a way to do so.

Maybe we could think about a '--give-lots-of-paranoid-warnings'
option some time in the future.

Arno
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
One of the painful things about our time is that those who feel certainty
are stupid, and those with any imagination and understanding are filled
with doubt and indecision. -- Bertrand Russell