GNU bug report logs -
#30190
27.0.50; term run in line mode shows user passwords
Previous Next
Reported by: Tino Calancha <tino.calancha <at> gmail.com>
Date: Sun, 21 Jan 2018 12:17:02 UTC
Severity: normal
Tags: confirmed, fixed, security
Found in versions 27.0.50, 24.3
Fixed in version 26.2
Done: Noam Postavsky <npostavs <at> gmail.com>
Bug is archived. No further changes may be made.
Full log
Message #98 received at 30190 <at> debbugs.gnu.org (full text, mbox):
> From: Noam Postavsky <npostavs <at> gmail.com>
> Cc: 30190 <at> debbugs.gnu.org, tino.calancha <at> gmail.com
> Date: Wed, 20 Jun 2018 19:28:32 -0400
>
> Eli Zaretskii <eliz <at> gnu.org> writes:
>
> > I'm for fixing this in Emacs 26.2, but I still don't think I
> > understand why the latest patch proposed in the discussion of this bug
> > needs to "steal" so much from comint.el?
> >
> > Also, why does term-watch-for-password-prompt need to be invoked via a
> > hook?
>
> I don't these things are really required; as far as I understand, Tino
> did it that way in order to be safer: the "stealing" is to avoid loading
> comint.el, and using the hook is to keep the code closer to the already
> working example it's being copied from.
Why is it a problem to load comint? Either in this case or even
always?
As for the hook: it looks strange to me to use hooks for this purpose,
since IMO we are supposed to refrain from doing that as much as
possible.
This bug report was last modified 6 years and 358 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.