GNU bug report logs - #17839
24.4.50; read-passwd echoes password input in non-interactive sessions

Package: emacs

Reported by: Sebastian Wiesner <swiesner <at> lunaryorn.com>

Date: Mon, 23 Jun 2014 15:37:02 UTC

Severity: normal

Found in version 24.4.50

Fixed in version 24.4

Done: Glenn Morris <rgm <at> gnu.org>

Bug is archived. No further changes may be made.

Message #14 received at 17839 <at> debbugs.gnu.org:

From: Glenn Morris <rgm <at> gnu.org>
To: Sebastian Wiesner <swiesner <at> lunaryorn.com>
Cc: Andreas Schwab <schwab <at> suse.de>, 17839 <at> debbugs.gnu.org
Subject: Re: bug#17839: 24.4.50;
 read-passwd echoes password input in non-interactive sessions
Date: Tue, 24 Jun 2014 14:41:51 -0400

Sebastian Wiesner wrote:

>> Batch mode isn't designed for interaction. It uses standard I/O,
>> oblivious to who is consuming the input.
>
> In this case `read-passwd' should at least signal an error when called
> in non-interactive mode,

I think that would be overkill.

> and have a warning in its docstring.

A notice perhaps.

> Currently it is simply insecure in non-interactive mode, and neither
> its docstring nor the Emacs Lisp manual document that the password is
> exposed when called in non-interactive mode.

It's in the manual section on minibuffer input, and in batch mode there
is no minibuffer. For example, read-file-name doesn't offer completion
in batch-mode. It doesn't provide history. ctrl-k doesn't work. Etc.
I see no point in mentioning these things in the doc-string of every
function that uses the minibuffer.

But yes, read-passwd is a slightly special case and could stand to
mention batch mode in its doc.
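
An added example, not part of the message above or of Emacs itself: a caller-side guard for scripts that must read a secret under `emacs --batch` on a version with the behaviour reported here. The helper names `my-tty-echo` and `my-read-secret` are hypothetical, and the code assumes a POSIX system with `stty` and `/dev/tty`.

```elisp
;;; Added example; these helpers are hypothetical, not part of Emacs.

(defun my-tty-echo (enable)
  "Switch echo on the controlling terminal on or off with stty(1).
Return non-nil on success, nil if there is no usable terminal.
Assumes a POSIX system where /dev/tty names the controlling terminal."
  (condition-case nil
      ;; stty acts on its standard input, so hand it /dev/tty as INFILE.
      (eq 0 (call-process "stty" "/dev/tty" nil nil
                          (if enable "echo" "-echo")))
    (error nil)))

(defun my-read-secret (prompt)
  "Read a secret with PROMPT without showing it on the terminal.
Interactively this is just `read-passwd'.  In batch mode there is no
minibuffer and input arrives on standard input, so terminal echo is
disabled first; if that fails, signal an error rather than prompt.
Refusing when no terminal is available is a choice made for this example."
  (if (not noninteractive)
      (read-passwd prompt)
    (unless (my-tty-echo nil)
      (error "Refusing to read a secret: cannot disable terminal echo"))
    (unwind-protect
        (read-string prompt)
      ;; Always restore echo, even if reading is interrupted.
      (my-tty-echo t)
      ;; The user's RET was not echoed, so finish the line on stderr.
      (terpri #'external-debugging-output))))
```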




This bug report was last modified 10 years and 295 days ago.
