GNU bug report logs - #8427
[SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing

Package: emacs;

Reported by: Jari Aalto <jari.aalto <at> cante.net>

Date: Tue, 5 Apr 2011 11:28:01 UTC

Severity: normal

Tags: security

Found in version 23.2+1-7

Fixed in version 29.1

Done: Stefan Kangas <stefan <at> marxist.se>

Bug is archived. No further changes may be made.


From: Jari Aalto <jari.aalto <at> cante.net>
To: 8427 <at> debbugs.gnu.org
Subject: bug#8427: [SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing
Date: Tue, 05 Apr 2011 14:27:03 +0300
Package: emacs
Version: 23.2+1-7
Severity: serious
Tags: security

There is a big security problem with sql.el:

    M-x sql-mysql
    <Fill in the connection details: user, password ...>

At command line, anyone in multi-user environment can dig out the
passwords:

   $ ps -ef -o user,pid,args | grep mysql       # ps(1) under SUN/Solaris
   foo  9599 /usr/local/bin/mysql --user=foo --password=123456 --host=db.example.com
   bar  3732 /usr/local/bin/mysql --user=bar --password=abcdef --host=db.example.com

Jari

P.S. mysql(1) mentions that you can set database options in ~/.my.cnf file.

MySQL case, there is in manual page:

-- System Information
Debian Release: wheezy/sid
  APT Prefers testing
  APT policy: (990, testing) (500, unstable) (1, experimental)
Architecture: amd64
Kernel: Linux picasso 2.6.32-5-amd64 #1 SMP Wed Jan 12 03:40:32 UTC 2011 x86_64 GNU/Linux
Locale: LANG=en_US.UTF-8, LC_ALL=

-- Versions of packages `emacs depends on'.
Depends:
emacs23         23.2+1-7        GNU Emacs is the extensible self-documenting
emacs23-lucid   23.2+1-7        GNU Emacs is the extensible self-documenting
emacs23-nox     23.2+1-7        GNU Emacs is the extensible self-documenting
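The exposure Jari describes, and one defender-side check for it, as an added example that is not from the bug report or from sql.el: a scanner over ps(1)-style lines that flags any argv carrying a password, and a helper that hands mysql(1) its credentials through a private 0600 defaults file instead of argv, following the ~/.my.cnf hint in the P.S. The sample ps lines are constructed to match the report's format; `--defaults-extra-file` is a real mysql option.

```python
"""Added example: spot passwords exposed in process argument lists and build
a mysql(1) invocation that keeps the password out of what ps(1) shows."""
import os
import re
import stat
import tempfile
from typing import List, Optional, Tuple

# Constructed sample ps output in the report's format: user pid args.
# The third line shows the safe form: only a file path appears in argv.
SAMPLE_PS = """\
foo  9599 /usr/local/bin/mysql --user=foo --password=123456 --host=db.example.com
bar  3732 /usr/local/bin/mysql --user=bar --password=abcdef --host=db.example.com
baz  4100 /usr/local/bin/mysql --defaults-extra-file=/run/user/1000/my.cnf --host=db.example.com
"""

# argv forms that carry the secret itself: --password=VALUE or mysql's -pVALUE.
# A bare "-p" (prompt for the password) is deliberately not matched.
SECRET_ARG = re.compile(r"(?:^|\s)(?:--password=\S+|-p\S+)")


def find_leaked_passwords(ps_output: str) -> List[Tuple[str, int, str]]:
    """Return (user, pid, offending argument) for each line whose argv carries a password."""
    hits = []
    for line in ps_output.splitlines():
        parts = line.split(None, 2)  # user, pid, rest of the command line
        if len(parts) < 3:
            continue
        user, pid, args = parts
        m = SECRET_ARG.search(args)
        if m:
            hits.append((user, int(pid), m.group(0).strip()))
    return hits


def mysql_argv_without_password(user: str, password: str, host: str,
                                directory: Optional[str] = None) -> List[str]:
    """Build a mysql(1) argv that passes credentials via a private defaults file.
    mkstemp creates the file 0600, so only the owner can read it; ps(1) only
    ever shows the file's path, never its contents."""
    fd, path = tempfile.mkstemp(prefix="my-", suffix=".cnf", dir=directory)
    with os.fdopen(fd, "w") as f:
        f.write(f"[client]\nuser={user}\npassword={password}\nhost={host}\n")
    os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)  # belt and braces: 0600
    return ["mysql", f"--defaults-extra-file={path}"]


def defaults_file_mode(argv: List[str]) -> int:
    """Permission bits of the defaults file named in argv, for verification."""
    return stat.S_IMODE(os.stat(argv[1].split("=", 1)[1]).st_mode)
```

The caller is responsible for deleting the defaults file once the mysql process has started, since mysql reads it at startup.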




This bug report was last modified 3 years and 201 days ago.


GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.