GNU bug report logs - #30190
27.0.50; term run in line mode shows user passwords

Previous Next

Package: emacs;

Reported by: Tino Calancha <tino.calancha <at> gmail.com>

Date: Sun, 21 Jan 2018 12:17:02 UTC

Severity: normal

Tags: confirmed, fixed, security

Found in versions 27.0.50, 24.3

Fixed in version 26.2

Done: Noam Postavsky <npostavs <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

Message #155 received at 30190 <at> debbugs.gnu.org (full text, mbox):

From: Noam Postavsky <npostavs <at> gmail.com>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 30190 <at> debbugs.gnu.org, monnier <at> IRO.UMontreal.CA, tino.calancha <at> gmail.com
Subject: Re: bug#30190: 27.0.50; term run in line mode shows user passwords
Date: Mon, 23 Jul 2018 08:22:21 -0400

tags 30190 fixed
close 30190 26.2
quit

Eli Zaretskii <eliz <at> gnu.org> writes:

>> From: Noam Postavsky <npostavs <at> gmail.com>
>> Cc: Eli Zaretskii <eliz <at> gnu.org>,  30190 <at> debbugs.gnu.org,  Tino Calancha <tino.calancha <at> gmail.com>
>> Date: Sun, 22 Jul 2018 14:33:18 -0400
>> 
>> Stefan Monnier <monnier <at> IRO.UMontreal.CA> writes:
>> 
>> >> -    (setq str (term-read-noecho "Non-echoed text: " t)))
>> >> +    (setq str (read-passwd "Non-echoed text: ")))
>> >
>> > I believe this remove the last use of term-read-noecho, so I think we
>> > can then get rid of it (or at least mark it obsolete).
>> 
>> Makes sense.  I guess the obsoletion should go to master?
>> 
>> Eli, is the patch in #131 okay for emacs-26?
>> 
>> https://debbugs.gnu.org/cgi/bugreport.cgi?bug=30190#131
>
> Yes, thanks.

Pushed to emacs-26.

[1: 2b70b54739]: 2018-07-23 08:20:07 -0400
  Prevent line-mode term from showing user passwords
  https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=2b70b54739a8a422aff85f0183fb69eb339c35d4
This bug report was last modified 6 years and 357 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.