GNU bug report logs -
#5664
view-lossage may show passwords and sensitive information
Previous Next
Full log
View this message in rfc822 format
Lars Magne Ingebrigtsen <larsi <at> gnus.org> writes:
> Thierry Volpiatto <thierry.volpiatto <at> gmail.com> writes:
>
>> For eshell i didn't find good solution appart putting in my .emacs:
>>
>> (setenv "LC_ALL" "C")
>>
>> Work fine but may create other encoding problems in others places.
>>
>> The best thing should be that all emacs shell don't obey to locale
>> setting for password prompt, i thing the word "password" in
>> international well known.
>
> You mean setting LC_ALL to C for all subshells? I'm not sure that's
> what most people would want.
This have been fixed long time ago by using an alias in eshell for
su/sudo. (don't use globally LC_ALL=C)
alias su LC_ALL=C *su -l
alias sudo *sudo -p Password: $*
> But having the passwords show up in clear
> text in the shell buffers is totally icky, too. (I just fixed comint to
> do the password recognition for the
Be careful when modifying the prompt regexp of shell/eshell:
All go well in most cases, but can create bad bugs in other places like
python shell.
e.g in a python-shell:
A = raw_input("prompt: ")
Will ask you for password!
> [larsi <at> quimbies ~/src/emacs/trunk/lisp]$ ssh root <at> quimby
> Password:
> Response:
>
> case just now, though.)
>
> But for other locales: Perhaps Shell mode should have an interactive
> function like `M-x shell-query-password', so that people can trigger the
> non-echoing entry mode at will? Or perhaps a keystroke to switch off
> echoing, that would be ended when typing RET?
--
A+ Thierry
Get my Gnupg key:
gpg --keyserver pgp.mit.edu --recv-keys 59F29997
This bug report was last modified 11 years and 119 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.