From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Noam Postavsky Newsgroups: gmane.emacs.bugs Subject: bug#30190: 27.0.50; term run in line mode shows user passwords Date: Wed, 18 Jul 2018 07:56:44 -0400 Message-ID: <878t6892pv.fsf@gmail.com> References: <87r2qjh0fs.fsf@gmail.com> <87mv17nwe4.fsf@users.sourceforge.net> <87efm259s5.fsf@gmail.com> <83vafe9f16.fsf@gnu.org> <87wozfkt9t.fsf@gmail.com> <87o9kiejd4.fsf@gmail.com> <83606q6xr7.fsf@gnu.org> <873718qpme.fsf@gmail.com> <87in6erte5.fsf@gmail.com> <83efh1s9s3.fsf@gnu.org> <87602drqan.fsf@gmail.com> <8336xgsvt3.fsf@gnu.org> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Trace: blaine.gmane.org 1531914912 7337 195.159.176.226 (18 Jul 2018 11:55:12 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Wed, 18 Jul 2018 11:55:12 +0000 (UTC) User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) Cc: 30190@debbugs.gnu.org, Tino Calancha To: Stefan Monnier Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Wed Jul 18 13:55:08 2018 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ffl2u-0001gI-Ci for geb-bug-gnu-emacs@m.gmane.org; Wed, 18 Jul 2018 13:55:04 +0200 Original-Received: from localhost ([::1]:36044 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ffl4z-0004sw-KS for geb-bug-gnu-emacs@m.gmane.org; Wed, 18 Jul 2018 07:57:13 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:47156) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ffl4r-0004so-Jl for bug-gnu-emacs@gnu.org; Wed, 18 Jul 2018 07:57:06 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ffl4o-0007u8-IR for bug-gnu-emacs@gnu.org; Wed, 18 Jul 2018 07:57:05 -0400 Original-Received: from debbugs.gnu.org ([208.118.235.43]:41172) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1ffl4o-0007to-C7 for bug-gnu-emacs@gnu.org; Wed, 18 Jul 2018 07:57:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1ffl4n-0002iX-T9 for bug-gnu-emacs@gnu.org; Wed, 18 Jul 2018 07:57:01 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Noam Postavsky Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Wed, 18 Jul 2018 11:57:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 30190 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: confirmed security Original-Received: via spool by 30190-submit@debbugs.gnu.org id=B30190.153191501410430 (code B ref 30190); Wed, 18 Jul 2018 11:57:01 +0000 Original-Received: (at 30190) by debbugs.gnu.org; 18 Jul 2018 11:56:54 +0000 Original-Received: from localhost ([127.0.0.1]:46190 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ffl4f-0002iA-VE for submit@debbugs.gnu.org; Wed, 18 Jul 2018 07:56:54 -0400 Original-Received: from mail-it0-f45.google.com ([209.85.214.45]:53563) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ffl4d-0002hu-LC for 30190@debbugs.gnu.org; Wed, 18 Jul 2018 07:56:52 -0400 Original-Received: by mail-it0-f45.google.com with SMTP id 72-v6so3725488itw.3 for <30190@debbugs.gnu.org>; Wed, 18 Jul 2018 04:56:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=RRtywVZqrDIs3CNBGQ7d1pvN+9IBQycZc1fnSubwnmQ=; b=tjsN3Bfor9OVKy2qWwFtsECXICYXGUtUrXByEbmYcWZyAn3rghKXQCFiRtBCmjrq1a nDJPOAbww5Mru6ctCuPKXYQamzURUYCaoc6XCJA6rrL2grCRzXOHVyfdQLuJVsZjmDaN K+zzHEl/+BR36vcc0CA1Zc7pyddjQnZXLZnkOE6gFT9PPFr7uAs09tUwnhCBRkfQJ8O5 +gWXJxIurzfs6PpYefnPqYZqcxmBXtf4p3XBgT2hycqQW0WPHHqeeCjl1YCerc236JCc jsWi8S7N5TMHP1OHsaldZXVJ18n4HIoJPH/hC/YC3I4JxPbZEZkDgVOU0jWASfKZCIWj DLWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version; bh=RRtywVZqrDIs3CNBGQ7d1pvN+9IBQycZc1fnSubwnmQ=; b=TLFKrsVykQI5SdoXgW9SMuzy+c3YoqwZzSNucZjluq4UWOUPcohHU3cu5bUYL0hBnB BaaAoTkEtGsHn9I6uiKf29tbgGqJS9uLOtkSTAB0l5cwLe7HaJXEyKfdqpd1ThlEN5SC BrweW0INi75R0eq1dRHTLcVBAG9ZuL6FleseLE3wq69cLzmawrA76LpzXOkLzH78vJSd idsq+PF7TsZp2wltbzH0xKsOXCeLhhn7VkVMyAAPi60XbfqGqlsJNnO1Y0QCuSQP3D9Z YiyMzLIwQCuCdEiNHl0dneh23wamqeMXTloo6DAgxYAImYcdVRZvdJAV9fpPkhIa7O4p dotw== X-Gm-Message-State: AOUpUlFUcdOKo++GrAcVUhe3FVWd5OlZadwEKAtiPaVzD56Cp+b0jrLm xFqQ9qyxl7aPsgjV2vuGpMUyrQ== X-Google-Smtp-Source: AAOMgpcHAgkerFN18HtlA0WKWuJqxpeEuODM05X9TWm/Ks1J3A/o49fVIQH3TZ9D9Q7K+KcfrI7nEg== X-Received: by 2002:a24:3793:: with SMTP id r141-v6mr1779647itr.0.1531915005958; Wed, 18 Jul 2018 04:56:45 -0700 (PDT) Original-Received: from zebian (cbl-45-2-119-34.yyz.frontiernetworks.ca. [45.2.119.34]) by smtp.googlemail.com with ESMTPSA id i9-v6sm1461758iom.19.2018.07.18.04.56.44 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 18 Jul 2018 04:56:45 -0700 (PDT) In-Reply-To: (Stefan Monnier's message of "Fri, 22 Jun 2018 08:44:58 -0400") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:148633 Archived-At: --=-=-= Content-Type: text/plain Stefan Monnier writes: > unconditionally call *-watch-for-password-prompt right at the place > where you added the "run-hook" (actually, only one of the two places), Here is a modified version of Tino's patch which uses comint.el and does the above. Another difference is that we call term-watch-for-password-prompt on the decoded-substring (I believe that's required to match localized non-ASCII prompts correctly). I wasn't able to reproduce the problems described in #74 with any version of the patch (maybe it's dependent on timing?), so I'm not sure how much of a concern that is. --=-=-= Content-Type: text/plain Content-Disposition: attachment; filename=v3-0001-Prevent-line-mode-term-from-showing-user-password.patch Content-Description: patch >From 5e8f7abce1b1dd9796e5baab57dc6215850b3416 Mon Sep 17 00:00:00 2001 From: Tino Calancha Date: Thu, 15 Feb 2018 09:09:50 +0900 Subject: [PATCH v3] Prevent line-mode term from showing user passwords For buffers whose mode derive from comint-mode, the user password is read from the minibuffer and it's hidden. A buffer in term-mode and line submode, instead shows the passwords. Make buffers in line term-mode to hide passwords too (Bug#30190). * lisp/term.el (term-send-invisible): Prefer the more robust `read-passwd' instead of `term-read-noecho'. (term-watch-for-password-prompt): New function. (term-emulate-terminal): Call it each time we receive non-escape sequence output. Co-authored-by: Noam Postavsky --- lisp/term.el | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/lisp/term.el b/lisp/term.el index b7f5b0e7f2..f7cd7dcd6a 100644 --- a/lisp/term.el +++ b/lisp/term.el @@ -347,6 +347,7 @@ term-protocol-version (eval-when-compile (require 'cl-lib)) (require 'ring) (require 'ehelp) +(require 'comint) ; Password regexp. (declare-function ring-empty-p "ring" (ring)) (declare-function ring-ref "ring" (ring index)) @@ -2288,7 +2289,8 @@ term-send-invisible \\[view-lossage]." (interactive "P") ; Defeat snooping via C-x esc (when (not (stringp str)) - (setq str (term-read-noecho "Non-echoed text: " t))) + (let ((read-hide-char ?*)) + (setq str (read-passwd "Non-echoed text: ")))) (when (not proc) (setq proc (get-buffer-process (current-buffer)))) (if (not proc) (error "Current buffer has no process") @@ -2297,6 +2299,17 @@ term-send-invisible (term-send-string proc str) (term-send-string proc "\n"))) +;; TODO: Maybe combine this with `comint-watch-for-password-prompt'. +(defun term-watch-for-password-prompt (string) + "Prompt in the minibuffer for password and send without echoing. +This function uses `term-send-invisible' to read and send a password to the buffer's +process if STRING contains a password prompt defined by +`comint-password-prompt-regexp'." + (when (term-in-line-mode) + (when (let ((case-fold-search t)) + (string-match comint-password-prompt-regexp string)) + (term-send-invisible (read-passwd string))))) + ;;; Low-level process communication @@ -3152,6 +3165,9 @@ term-emulate-terminal (term-handle-deferred-scroll)) (set-marker (process-mark proc) (point)) + (when (stringp decoded-substring) + (term-watch-for-password-prompt (prog1 decoded-substring + (setq decoded-substring nil)))) (when save-point (goto-char save-point) (set-marker save-point nil)) -- 2.11.0 --=-=-=--