GNU bug report logs -
#58985
29.0.50; Have auth-source-pass behave more like other back ends
Previous Next
Reported by: "J.P." <jp <at> neverwas.me>
Date: Thu, 3 Nov 2022 13:52:02 UTC
Severity: wishlist
Tags: patch
Found in version 29.0.50
Done: "J.P." <jp <at> neverwas.me>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Akib Azmain Turja via "Bug reports for GNU Emacs, the Swiss army knife
of text editors" <bug-gnu-emacs <at> gnu.org> writes:
> Michael Albinus <michael.albinus <at> gmx.de> writes:
>
>> "J.P." <jp <at> neverwas.me> writes:
>>
>> Hi,
>>
>>> v2. Respect existing user option.
>>
>> I'm not familiar with the auth-source-pass.el implementation, so I
>> cannot speak too much about your patch. Reading it roughly, I haven't
>> found serious flaws, 'tho.
>
> It has a serious flaw AFAIK. I have a password entry
> "akib <at> disroot.org", and this legitimate search query doesn't find it:
>
> (auth-source-search :host "disroot.org")
>
> But if specify the user, it finds the entry:
>
> (auth-source-search :host "disroot.org" :user "akib")
>
> And the entries can also be ambiguous. For example, the entry at path
> "foo.org/bar.net" might be interpreted as the password of bar.net, or
> as the password of the user "bar.net" on "foo.org". The current
> implementation seems to interpret such entries unpredictably.
>
I mean, the current implementation, not the patch.
--
Akib Azmain Turja --- https://akib.codeberg.page/
GPG key: 70018CE5819F17A3BBA666AFE74F0EFA922AE7F5
Fediverse: akib <at> hostux.social, Codeberg: akib
emailselfdefense.fsf.org | "Nothing can be secure without encryption."
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 2 years and 223 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.