Subject: Re: Insecure Password?
To: Feico Dillema <dillema@huygens.org>
From: Michael C. Richardson <mcr@sandelman.ottawa.on.ca>
List: tech-security
Date: 07/10/1998 12:21:15
>>>>> "Feico" == Feico Dillema <dillema@acm.org> writes:
    Feico> Opinion: I think this should be regarded as a security bug, although minor.
    Feico> The usefulness of allowing control characters seems rather limited to me,
    Feico> as these are often difficult to reproduce on different 
    Feico> systems/keyboards/configurations. I think the `passwd' command

  On the other hand, I can think of no better way to force root logins to
be from a particular set of keyboard(s), perhaps with specific keymaps
loaded.
  Maybe passwd should complain once, but for root, let you continue anyway.

    Feico> such a password is rather weak, it has about the strength of a four-digit
    Feico> password where an 8-digit is expected.

  Unless the attacker knows that the keyboard was in numlock mode, they still
have to brute force all 8-digit passwords.

   :!mcr!:            |  "Elegant and extremely rapid for calculation are the 
   Michael Richardson | techniques of Young tableaux. They also have the merit
                      | of being fun to play with." - p.47 Intro to Quarks&Partons
 Personal: mcr@sandelman.ottawa.on.ca. PGP key available.
 Corporate: sales@sandelman.ottawa.on.ca.