From: "Pedro J. V. Mendes" via "Bug reports for GNU Emacs, the Swiss army knife of text editors" <bug-gnu-emacs@gnu.org>
To: 45413@debbugs.gnu.org
Subject: bug#45413: Password exposure on SSH login
Date: Thu, 24 Dec 2020 23:13:41 +0000 [thread overview]
Message-ID: <1ef6190e-90eb-4746-8f45-8901d4aa9bd2@ist.utl.pt> (raw)
Within <M-x shell>, on SSH login (e.g.) to sigma.ist.utl.pt, the
password was
visible during typing and recorded to history (accessible through M-p).
In GNU Emacs 27.1 (build 1, x86_64-pc-linux-gnu, GTK+ Version 3.24.20,
cairo version 1.16.0)
of 2020-11-30 built on lcy01-amd64-021
Repository revision: b65eeac9613c62aaa0e4408dba8d795c07ea1f11
Repository branch: master
Windowing system distributor 'The X.Org Foundation', version 11.0.12008000
System Description: Ubuntu 20.04.1 LTS
Recent messages:
C-x * (Type ? for a list of Calc options)
Welcome to the GNU Emacs Calculator! Press ‘?’ or ‘h’ for help, ‘q’ to quit
C-c M-p is undefined
ESC M-p is undefined
History item: 8
History item: 17 [3 times]
History item: 23
History item: 105
Mark saved where search started
~/Programs.dev
Quit
Configured using:
'configure --prefix=/snap/emacs/current/usr --with-x-toolkit=gtk3
--without-xaw3d --with-modules --with-cairo
'CFLAGS=-isystem/build/emacs/parts/emacs/install/usr/include -O2'
CPPFLAGS=-isystem/build/emacs/parts/emacs/install/usr/include
'LDFLAGS=-L/build/emacs/parts/emacs/install/lib
-L/build/emacs/parts/emacs/install/usr/lib
-L/build/emacs/parts/emacs/install/lib/x86_64-linux-gnu
-L/build/emacs/parts/emacs/install/usr/lib/x86_64-linux-gnu''
Configured features:
XPM JPEG TIFF GIF PNG RSVG CAIRO SOUND GPM DBUS GSETTINGS GLIB NOTIFY
INOTIFY ACL LIBSELINUX GNUTLS LIBXML2 FREETYPE HARFBUZZ M17N_FLT LIBOTF
ZLIB TOOLKIT_SCROLL_BARS GTK3 X11 XDBE XIM MODULES THREADS LIBSYSTEMD
JSON PDUMPER LCMS2 GMP
Important settings:
value of $LC_CTYPE: pt_PT.UTF-8
value of $LC_MONETARY: pt_PT.UTF-8
value of $LC_NUMERIC: pt_PT.UTF-8
value of $LC_TIME: pt_PT.UTF-8
value of $LANG: en_US.UTF-8
locale-coding-system: utf-8-unix
Major mode: Shell
Minor modes in effect:
shell-dirtrack-mode: t
tooltip-mode: t
global-eldoc-mode: t
electric-indent-mode: t
mouse-wheel-mode: t
tool-bar-mode: t
menu-bar-mode: t
file-name-shadow-mode: t
global-font-lock-mode: t
font-lock-mode: t
blink-cursor-mode: t
auto-composition-mode: t
auto-encryption-mode: t
auto-compression-mode: t
line-number-mode: t
transient-mark-mode: t
Load-path shadows:
None found.
Features:
(shadow sort mail-extr emacsbug message rmc puny dired dired-loaddefs
format-spec rfc822 mml mml-sec password-cache epa derived epg epg-config
gnus-util rmail rmail-loaddefs text-property-search mm-decode mm-bodies
mm-encode mail-parse rfc2231 mailabbrev gmm-utils mailheader sendmail
rfc2047 rfc2045 ietf-drums mm-util mail-prsvr mail-utils misearch
multi-isearch shell pcomplete comint ansi-color ring calc-misc calc-menu
calc calc-loaddefs calc-macs cl-seq cl-extra help-mode seq byte-opt gv
bytecomp byte-compile cconv mule-util jka-compr info easymenu desktop
frameset time-date subr-x cl-loaddefs cl-lib tooltip eldoc electric
uniquify ediff-hook vc-hooks lisp-float-type mwheel term/x-win x-win
term/common-win x-dnd tool-bar dnd fontset image regexp-opt fringe
tabulated-list replace newcomment text-mode elisp-mode lisp-mode
prog-mode register page tab-bar menu-bar rfn-eshadow isearch timer
select scroll-bar mouse jit-lock font-lock syntax facemenu font-core
term/tty-colors frame minibuffer cl-generic cham georgian utf-8-lang
misc-lang vietnamese tibetan thai tai-viet lao korean japanese eucjp-ms
cp51932 hebrew greek romanian slovak czech european ethiopic indian
cyrillic chinese composite charscript charprop case-table epa-hook
jka-cmpr-hook help simple abbrev obarray cl-preloaded nadvice loaddefs
button faces cus-face macroexp files text-properties overlay sha1 md5
base64 format env code-pages mule custom widget hashtable-print-readable
backquote threads dbusbind inotify lcms2 dynamic-setting
system-font-setting font-render-setting cairo move-toolbar gtk x-toolkit
x multi-tty make-network-process emacs)
Memory information:
((conses 16 78891 11520)
(symbols 48 8571 1)
(strings 32 24487 1987)
(string-bytes 1 741438)
(vectors 16 13491)
(vector-slots 8 177087 12800)
(floats 8 51 33)
(intervals 56 970 0)
(buffers 1000 17))
next reply other threads:[~2020-12-24 23:13 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-24 23:13 Pedro J. V. Mendes via Bug reports for GNU Emacs, the Swiss army knife of text editors [this message]
2020-12-25 1:30 ` bug#45413: Password exposure on SSH login Unknown
2020-12-25 1:30 ` Unknown
[not found] ` <809655bd-59b7-16cc-1cb3-f45608315e44@ist.utl.pt>
2020-12-25 11:48 ` Unknown
2020-12-25 12:01 ` Pedro J. V. Mendes via Bug reports for GNU Emacs, the Swiss army knife of text editors
2020-12-25 20:45 ` Unknown
2020-12-25 21:29 ` João Távora
2020-12-25 21:45 ` Pedro J. V. Mendes via Bug reports for GNU Emacs, the Swiss army knife of text editors
2020-12-25 21:59 ` João Távora
2020-12-25 22:19 ` Pedro J. V. Mendes via Bug reports for GNU Emacs, the Swiss army knife of text editors
2020-12-25 20:45 ` Unknown
2020-12-28 7:21 ` Stefan Kangas
2020-12-28 10:49 ` Pedro J. V. Mendes via Bug reports for GNU Emacs, the Swiss army knife of text editors
2021-01-27 7:03 ` Lars Ingebrigtsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1ef6190e-90eb-4746-8f45-8901d4aa9bd2@ist.utl.pt \
--to=bug-gnu-emacs@gnu.org \
--cc=45413@debbugs.gnu.org \
--cc=pedro.mendes@ist.utl.pt \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).