Re: 2.4.22-pre7: are security issues solved?

• Next message: Adrian Bunk: "Re: Promise SATA driver GPL'd"
• Previous message: Takashi Iwai: "Re: Oops with snd_via82xx and oss-emu on 2.6.0-test1"
• In reply to: Herbert Xu: "Re: 2.4.22-pre7: are security issues solved?"
• Next in thread: Herbert Xu: "Re: 2.4.22-pre7: are security issues solved?"
• Reply: Herbert Xu: "Re: 2.4.22-pre7: are security issues solved?"
• Reply: Herbert Xu: "Re: 2.4.22-pre7: are security issues solved?"
• Reply: Ville Herva: "Re: 2.4.22-pre7: are security issues solved?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 23 Jul 2003 19:56:47 +1000
Herbert Xu <herbert@gondor.apana.org.au> wrote:

> Aschwin Marsman <a.marsman@aynik.com> wrote:
> >
> >> CAN-2003-0461: /proc/tty/driver/serial reveals the exact character counts
> >> for serial links. This could be used by a local attacker to infer password
> >> lengths and inter-keystroke timings during password entry.
>
> What's the problem with exposing those counters?

If I know your password is 7 characters I have a smaller
space of passwords to search to just brute-force it.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Adrian Bunk: "Re: Promise SATA driver GPL'd"
• Previous message: Takashi Iwai: "Re: Oops with snd_via82xx and oss-emu on 2.6.0-test1"
• In reply to: Herbert Xu: "Re: 2.4.22-pre7: are security issues solved?"
• Next in thread: Herbert Xu: "Re: 2.4.22-pre7: are security issues solved?"
• Reply: Herbert Xu: "Re: 2.4.22-pre7: are security issues solved?"
• Reply: Herbert Xu: "Re: 2.4.22-pre7: are security issues solved?"
• Reply: Ville Herva: "Re: 2.4.22-pre7: are security issues solved?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Jul 23 2003 - 22:00:48 EST