On 3 May 2013 15:26, Dan Mashal dan.mashal@gmail.com wrote:
On Fri, May 3, 2013 at 2:17 PM, Chris Murphy lists@colorremedies.com wrote:
On May 3, 2013, at 2:04 PM, Dan Mashal dan.mashal@gmail.com wrote:
I believe that this is a major security risk and that this is a new UI change going forward and this is not a bug.
Do you think this is a good idea?
No. I think it's a bug, and a bug should be filed on it.
Chris Murphy
devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
It was.
And closed as NOTABUG.
https://bugzilla.redhat.com/show_bug.cgi?id=959541 https://bugzilla.redhat.com/show_bug.cgi?id=958608
So I just wanted to email other intelligent people and see if I was crazy or stupid.
I would have to say that this would be considered a security bug in certain environments as the security controls assume that the password is not visible and can't be made visible if the person typing in gets distracted (intentionally or unintentionally) and removed from the desk for a short time.
Dan
devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel