GNU bug report logs - #30190
27.0.50; term run in line mode shows user passwords

Previous Next

Package: emacs;

Reported by: Tino Calancha <tino.calancha <at> gmail.com>

Date: Sun, 21 Jan 2018 12:17:02 UTC

Severity: normal

Tags: confirmed, fixed, security

Found in versions 27.0.50, 24.3

Fixed in version 26.2

Done: Noam Postavsky <npostavs <at> gmail.com>

Bug is archived. No further changes may be made.

Full log


View this message in rfc822 format

From: Tino Calancha <tino.calancha <at> gmail.com>
To: Noam Postavsky <npostavs <at> gmail.com>
Cc: Eli Zaretskii <eliz <at> gnu.org>, 30190 <at> debbugs.gnu.org, tino.calancha <at> gmail.com
Subject: bug#30190: 27.0.50; term run in line mode shows user passwords
Date: Thu, 21 Jun 2018 10:31:01 +0900 (JST)

On Wed, 20 Jun 2018, Noam Postavsky wrote:

> Eli Zaretskii <eliz <at> gnu.org> writes:
>
>> I'm for fixing this in Emacs 26.2, but I still don't think I
>> understand why the latest patch proposed in the discussion of this bug
>> needs to "steal" so much from comint.el?
>>
>> Also, why does term-watch-for-password-prompt need to be invoked via a
>> hook?
>
> I don't these things are really required; as far as I understand, Tino
> did it that way in order to be safer: the "stealing" is to avoid loading
> comint.el, and using the hook is to keep the code closer to the already
> working example it's being copied from.
Exactly, I almost forgot this stuff.  Noam now understands my patch better
than me.  Feel free to adjust it as you wish, you are very smart.




This bug report was last modified 6 years and 357 days ago.

Previous Next


GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.