GNU bug report logs - #8427
[SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing

Previous Next

Package: emacs;

Reported by: Jari Aalto <jari.aalto <at> cante.net>

Date: Tue, 5 Apr 2011 11:28:01 UTC

Severity: normal

Tags: security

Found in version 23.2+1-7

Fixed in version 29.1

Done: Stefan Kangas <stefan <at> marxist.se>

Bug is archived. No further changes may be made.

Full log

Message #101 received at 8427 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Stefan Kangas <stefan <at> marxist.se>
Cc: michael.albinus <at> gmx.de, larsi <at> gnus.org, 8427 <at> debbugs.gnu.org,
 mmauger <at> protonmail.com, ahyatt <at> gmail.com
Subject: Re: bug#8427: [SECURITY] sql.el -- comint process passwords are
 leaked to ps(1) listing
Date: Wed, 13 Oct 2021 21:26:29 +0300

> From: Stefan Kangas <stefan <at> marxist.se>
> Date: Wed, 13 Oct 2021 10:47:37 -0700
> Cc: Lars Ingebrigtsen <larsi <at> gnus.org>, "michael.albinus <at> gmx.de" <michael.albinus <at> gmx.de>, Eli Zaretskii <eliz <at> gnu.org>, 
> 	"8427 <at> debbugs.gnu.org" <8427 <at> debbugs.gnu.org>, Andrew Hyatt <ahyatt <at> gmail.com>
> 
> Michael Mauger <mmauger <at> protonmail.com> writes:
> 
> > I'm fine with this.  I remember this vaguely and think we are all set. Let's
> > get it committed and we'll give it some attention/testing before the release
> 
> Thanks, I guess we need one of our maintainers to approve this before
> pushing this to emacs-28.  Otherwise, it should go to master.

I'm okay with installing this on the release branch if Michael thinks
it's safe enough.

This bug report was last modified 3 years and 201 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #8427 [SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing

GNU bug report logs - #8427
[SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing