Gustavo Noronha <[email protected]> writes: > Sounds good! Would you provide a patch to the manpage, explaining these > issues?
Would the attached patch do?
--- gksu-2.0.2/man/gksu.1.orig 2009-05-05 09:50:33.000000000 +0000 +++ gksu-2.0.2/man/gksu.1 2009-05-05 09:58:37.000000000 +0000 @@ -36,6 +36,12 @@ program will display a small window that allows you to type in a command to be run, and to select what user the program should be run as. The other options are disregarded, right now, in this mode. +.PP +.B gksu +tries to "lock" the keyboard, mouse and focus to prevent other +applications from being able to read the password. However, this is +ineffective since malicious applications can still use ptrace() to +capture the password. See Debian bug #474024 for more info. .SH OPTIONS \fB\-\-debug\fR, \fB\-d\fR .IP
