From: Stefan Kangas <stefan@marxist.se>
To: 8427@debbugs.gnu.org
Subject: bug#8427: Fwd: bug#8427: [SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing
Date: Sun, 20 Oct 2019 17:57:58 +0200
Message-ID: <CADwFkm=pvfJ-GmmLxKt83i+rufpn9eJxnRBNnedOOKn2ENDQUA@mail.gmail.com>
In-Reply-To: <meny2xh8p4o.fsf@ahyatt-macbookpro6.roam.corp.google.com>

[-- Attachment #1: Type: text/plain, Size: 1300 bytes --]

---------- Forwarded message ---------
From: Andrew Hyatt <ahyatt@gmail.com>
Date: Sat, 19 Oct 2019 at 04:07
Subject: Re: bug#8427: [SECURITY] sql.el -- comint process passwords
are leaked to ps(1) listing
To: Stefan Kangas <stefan@marxist.se>

I'm attaching the fix.  The fix for MySQL was fairly straightforward.  I
tried it out, and it works.  I looked through sql.el for similar issues,
and was able to fix Vertica as well, although I've never heard of
Vertica before and couldn't test it out.  Parameters were set according
to the docs at
https://www.vertica.com/docs/9.2.x/HTML/Content/Authoring/ConnectingToVertica/vsql/CommandLineOptions.htm,
which does match the existing code.

If this looks good to you, I will submit it (I have commit access).


Stefan Kangas <stefan@marxist.se> writes:

> Andrew Hyatt <ahyatt@gmail.com> writes:
>
>>> Could you perhaps send your patch here for review?
>>
>> I no longer know where my changes are.   It's been a while.  But I think I can probably recreate them, which I'll try to do this week.
> [...]
>> The idea is that instead of connecting with the --password arg, it can be left out entirely, in which case the program should ask for it (which is secure).
>
> Sounds good, thanks.
>
> Best regards,
> Stefan Kangas

[-- Attachment #2: 0001-Enable-password-less-connections-for-sql-where-possi.patch --]
[-- Type: application/x-patch, Size: 1933 bytes --]
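
Added example, not part of the message above or of sql.el: a small audit that tells a command line carrying a password value (visible to every user through ps(1)) from one that leaves the value out so the client prompts for it, which is the approach the message describes. The sample command lines are constructed, and the mysql option forms it recognises (`--password=VALUE`, `-pVALUE`, bare `--password` / `-p`) are assumptions about the mysql client rather than details taken from the patch.

```python
import glob
import shlex

# Constructed command lines (not captured from a real host).
SAMPLES = [
    "mysql --user=app --password=example-secret --host=db1 appdb",
    "mysql -u app -pexample-secret appdb",
    "mysql --user=app --password --host=db1 appdb",  # client prompts
    "mysql -u app -p appdb",                         # client prompts
]

def leaked_password_args(argv):
    """Return redacted forms of the arguments in argv that carry a password.

    Assumptions: --password=VALUE is flagged for any program; the short
    form -pVALUE is flagged only for mysql. A bare --password or -p makes
    mysql prompt on the terminal, so nothing reaches the process list.
    """
    if not argv:
        return []
    prog = argv[0].rsplit("/", 1)[-1]
    hits = []
    for arg in argv[1:]:
        if arg.startswith("--password=") and arg != "--password=":
            hits.append("--password=<redacted>")
        elif prog == "mysql" and arg.startswith("-p") and len(arg) > 2:
            hits.append("-p<redacted>")
    return hits

def audit_samples():
    return [leaked_password_args(shlex.split(s)) for s in SAMPLES]

def scan_proc():
    """Audit the processes visible under /proc (Linux): [(pid, hits), ...]."""
    findings = []
    for path in glob.glob("/proc/[0-9]*/cmdline"):
        try:
            with open(path, "rb") as fh:
                raw = fh.read().decode(errors="replace")
        except OSError:  # process exited or is not readable
            continue
        hits = leaked_password_args([a for a in raw.split("\0") if a])
        if hits:
            findings.append((int(path.split("/")[2]), hits))
    return findings

if __name__ == "__main__":
    print(audit_samples())
    print(scan_proc())
```

The findings are redacted on purpose so that the audit output does not become a second copy of the secret.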
