X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=OvrgC6uwibWrQHxTlphYrex5yRN2obXEMBpamfwLj3sETqd8+3zV+ 5SOSYy4BKoiwA98Sddw3XRdmJXUC3SSTK/GyVIMAN18EQTQ0AgFk+pwuKNyZdCXu rOpQpuz2wmKB1x7Q2HYf2K6kxJtnLSIH7aZW+0/6no28X/oKXmoowU= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=H3xIgDZ7Zhw4aab+QsCVdi9QcC8=; b=vnPY7nMNsMT1RgN+aFwCfOwTKoUH rDP2SX4Ea/6QP5feQrVeU7cMmUI+0lXhH58wjWR6kVktONmmQ8PbpfF4ljABFbxw heS02+wCCT0iyfRA5BzFLMgIrhzDbFXIcnbVBgRzatq280duChc+4a6fe5yBoTmO heqe4fW+qTqvo9I= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-5.0 required=5.0 tests=AWL,BAYES_20 autolearn=ham version=3.3.2 X-HELO: calimero.vinschen.de Date: Tue, 5 Aug 2014 10:17:39 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: passwd (cygwin) 1.7.31 ignores keyboard interrupts Message-ID: <20140805081739.GC2868@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Sr1nOIr3CvdE5hEN" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) --Sr1nOIr3CvdE5hEN Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Aug 4 13:40, Doug Henderson wrote: > The password utility /bin/passwd ignores the ^C and ^D interrupt > characters in mintty in my 64-bit only cygwin environment. That's kind of by design. The passwd tool uses the getpass function. The getpass function is written so that it ignores any soft tty signal (^C, ^D, ^Z) during password input for security reasons. This is in line with the Linux/Glibc implementation. > This can lead to inadvertent password changes, possibly requiring a > lengthy or complex password recovery or reset. I see. The problem here is that passwd is using the getpass function. It should (probably) either use another input function or it should explicitely test for ^C, ^D, and ^Z characters in the input string to workaround the getpass security restriction. The latter would allow to disregard the input string and exiting passwd after the user pressed . I'll look into it at one point, but I also wouldn't be too unhappy about a patch. Please see https://cygwin.com/contrib.html Thanks, Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --Sr1nOIr3CvdE5hEN Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJT4JMjAAoJEPU2Bp2uRE+gkpEQAJar3DArqSAhh3ad9+Icnuz5 NIaOTg1ml5fZiAuDmOX+qSRrnRgaz4Le6IAZ/wAcOzEXS4UdolhbNV60AzX6hLQV W4jpBveDHMS+wb+jkusiggGwyJ8yO1HHw7Ve8g0udZwAbrPgexYrK4CZ4E3qPt+5 vuS9bAfqjM4Tb0KCUOxaJrSHlvhj/+I7uWk6Zpb1GdfLlcjaW8f1X/pCusEYmXgH fNRv1ABznyrP9mHHcbG68gRlKIJD7K44W30MBZgI6Gx6CfrAf4R7aMUHr9V2pwM7 x6VL7CbR8cGP0VFv1E5zPKiNwo7yJPZ2d3IDVioULYc7eV712mziQNHJGFYetrjC EXn0qrzW8Pn4NTOXYVUUg5J4+M9+GLS5OOOkCGqIAdEewpk4JBa5X3bvzjpn4IHp SIRPeN75H5nhiJXXYw+AE9PholE8ZmY9h4K9nbAFtimJQ8ek/BwHWTH6ckxCA3Lx 1Y4+VsvLoihJOo+gZuY0UP1/CVksweKqOh3v/XJAIjlcJ+QDLOMkEuk0tiwubVIr f0YB6rRNhJgq4By4FEiGpEY931uOv+k4tJmmGCf2bAHSPy0Kt+C27GJbRN7EV4Eu nfrdzeOUeJeGieKe9Ohx+ykOH5bNEmBX4VWpPTQX8zISb7u9oBrf/pczdV68k51o ZuociAalitHyxJwMXagz =ts6g -----END PGP SIGNATURE----- --Sr1nOIr3CvdE5hEN--