GNU bug report logs - #30190
27.0.50; term run in line mode shows user passwords

Previous Next

Package: emacs;

Reported by: Tino Calancha <tino.calancha <at> gmail.com>

Date: Sun, 21 Jan 2018 12:17:02 UTC

Severity: normal

Tags: confirmed, fixed, security

Found in versions 27.0.50, 24.3

Fixed in version 26.2

Done: Noam Postavsky <npostavs <at> gmail.com>

Bug is archived. No further changes may be made.

Full log


Message #45 received at 30190 <at> debbugs.gnu.org (full text, mbox):

From: Tino Calancha <tino.calancha <at> gmail.com>
To: Noam Postavsky <npostavs <at> users.sourceforge.net>
Cc: Eli Zaretskii <eliz <at> gnu.org>, 30190 <at> debbugs.gnu.org,
 Tino Calancha <tino.calancha <at> gmail.com>
Subject: Re: bug#30190: 27.0.50; term run in line mode shows user passwords
Date: Sun, 4 Feb 2018 21:47:56 +0900 (JST)
[Message part 1 (text/plain, inline)]

On Sun, 4 Feb 2018, Noam Postavsky wrote:

> Tino Calancha <tino.calancha <at> gmail.com> writes:
>
>> On Sat, 3 Feb 2018, Eli Zaretskii wrote:
>>
>>> My feedback is that such a radical solution with so many lines of code
>>> is a no-no for the release branch.  Please look for a simpler
>>> solution, perhaps don't create a new file?
>> A suitable patch for the next release for discussion below:
>>
>
>> +;; Stolen from comint.el
>> +(defcustom term-password-prompt-regexp
>
>> +  :version "27.1"
That's right.  Well catched, thank you!
Updated patch.
>
> I guess this should say "26.1".  Although maybe we should just use
> comint-password-prompt-regexp in term.el instead?
Part of the fun is to prevent term.el from requiring comint.el as
always has be done; just for using one variable I would not require
comint.el.
--8<-----------------------------cut here---------------start------------->8---
commit 6187b493ded4bdcfd3c6b6fa91333c381fba8913
Author: tino calancha <tino.calancha <at> gmail.com>
Date:   Sun Feb 4 21:43:43 2018 +0900

    Prevent term run in line mode from showing user passwords

    For buffers whose mode derive from comint-mode, the user
    password is read from the minibuffer and it's hidden.
    A buffer in term-mode and line submode, instead shows
    the passwords.
    This commit forces buffers in line term-mode to hide
    passwords (Bug#30190).

    * lisp/term.el (term-password-prompt-regexp): New user option.
    (term-watch-for-password-prompt): New function.

    (term-send-input, term-emulate-terminal): Call it.
    (term-output-filter-hook): New hook.  Add term-watch-for-password-prompt
    to it.

    (term-send-input, term-emulate-terminal): Call the new hook each time
    we receive output.

diff --git a/lisp/term.el b/lisp/term.el
index 3970e93cf1..6fddef6f82 100644
--- a/lisp/term.el
+++ b/lisp/term.el
@@ -558,6 +558,27 @@ term-suppress-hard-newline
 ;; indications of the current pc.
 (defvar term-pending-frame nil)

+;; Stolen from comint.el
+(defcustom term-password-prompt-regexp
+  (concat
+   "\\(^ *\\|"
+   (regexp-opt
+    '("Enter" "enter" "Enter same" "enter same" "Enter the" "enter the"
+      "Old" "old" "New" "new" "'s" "login"
+      "Kerberos" "CVS" "UNIX" " SMB" "LDAP" "PEM" "SUDO"
+      "[sudo]" "Repeat" "Bad" "Retype")
+    t)
+   " +\\)"
+   "\\(?:" (regexp-opt password-word-equivalents) "\\|Response\\)"
+   "\\(?:\\(?:, try\\)? *again\\| (empty for no passphrase)\\| (again)\\)?"
+   ;; "[[:alpha:]]" used to be "for", which fails to match non-English.
+   "\\(?: [[:alpha:]]+ .+\\)?[\\s  ]*[::៖][\\s  ]*\\'")
+  "Regexp matching prompts for passwords in the inferior process.
+This is used by `term-watch-for-password-prompt'."
+  :version "26.1"
+  :type 'regexp
+  :group 'comint)
+
 ;;; Here are the per-interpreter hooks.
 (defvar term-get-old-input (function term-get-old-input-default)
   "Function that submits old text in term mode.
@@ -586,6 +607,17 @@ term-input-filter-functions

 This variable is buffer-local.")

+;;; Stolen from comint.el
+;;;###autoload
+(defvar term-output-filter-hook '(term-watch-for-password-prompt)
+  "Functions to call after output is inserted into the buffer.
+One possible function is `term-watch-for-password-prompt'.
+These functions get one argument, a string containing the text as originally
+inserted.
+
+You can use `add-hook' to add functions to this list
+either globally or locally.")
+
 (defvar term-input-sender (function term-simple-send)
   "Function to actually send to PROCESS the STRING submitted by user.
 Usually this is just `term-simple-send', but if your mode needs to
@@ -2134,7 +2166,8 @@ term-send-input
 	  (set-marker term-pending-delete-marker pmark-val)
 	  (set-marker (process-mark proc) (point)))
 	(goto-char pmark)
-	(funcall term-input-sender proc input)))))
+	(funcall term-input-sender proc input)
+        (run-hook-with-args 'term-output-filter-hook "")))))

 (defun term-get-old-input-default ()
   "Default for `term-get-old-input'.
@@ -2264,6 +2297,21 @@ term-send-invisible
     (term-send-string proc str)
     (term-send-string proc "\n")))

+;;; Stolen from comint.el
+;; TODO: This file share plenty of code with comint.el; it might be worth
+;; to extract the common functionality into a new file.
+(defun term-watch-for-password-prompt (string)
+  "Prompt in the minibuffer for password and send without echoing.
+This function uses `term-send-invisible' to read and send a password to the buffer's
+process if STRING contains a password prompt defined by
+`term-password-prompt-regexp'.
+
+This function could be in the list `term-emulate-terminal'."
+  (when (term-in-line-mode)
+    (when (let ((case-fold-search t))
+	    (string-match term-password-prompt-regexp string))
+      (term-send-invisible nil))))
+

 ;;; Low-level process communication

@@ -3121,6 +3169,8 @@ term-emulate-terminal
 	  (term-handle-deferred-scroll))

 	(set-marker (process-mark proc) (point))
+        ;; Run these hooks with point where the user had it.
+        (run-hook-with-args 'term-output-filter-hook str)
 	(when save-point
 	  (goto-char save-point)
 	  (set-marker save-point nil))
--8<-----------------------------cut here---------------end--------------->8---

This bug report was last modified 6 years and 357 days ago.

Previous Next


GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.