GNU bug report logs - #8427
[SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing

Previous Next

Package: emacs;

Reported by: Jari Aalto <jari.aalto <at> cante.net>

Date: Tue, 5 Apr 2011 11:28:01 UTC

Severity: normal

Tags: security

Found in version 23.2+1-7

Fixed in version 29.1

Done: Stefan Kangas <stefan <at> marxist.se>

Bug is archived. No further changes may be made.

Full log

Message #68 received at 8427 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Michael Mauger <mmauger <at> protonmail.com>
Cc: ahyatt <at> gmail.com, 8427 <at> debbugs.gnu.org, stefan <at> marxist.se
Subject: Re: bug#8427: [SECURITY] sql.el -- comint process passwords are
 leaked to ps(1) listing
Date: Wed, 18 Dec 2019 18:57:32 +0200

> Cc: "8427 <at> debbugs.gnu.org" <8427 <at> debbugs.gnu.org>,
>  Stefan Kangas <stefan <at> marxist.se>
> Date: Wed, 18 Dec 2019 12:45:27 +0000
> From: Michael Mauger via "Bug reports for GNU Emacs,
>  the Swiss army knife of text editors" <bug-gnu-emacs <at> gnu.org>
> 
> I had a chance to look at this last night; I've had a couple of days away from home and took advantage of it. Below is my first take on the changes to comint.el needed to add a hook that we could use in sql.el to supply the password. I think we ought to run this by emacs-devel and Eli before merging it.

I'm okay with adding this hook, but please mention this hook and its
rationale in NEWS.

Please also feel free to ask on emacs-devel for comments, if you want.

Thanks.
This bug report was last modified 3 years and 201 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.