[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Emacs-diffs] trunk r115434: * subr.el (read-passwd): Disable show-p
From: |
martin rudalics |
Subject: |
Re: [Emacs-diffs] trunk r115434: * subr.el (read-passwd): Disable show-paren-mode. |
Date: |
Wed, 11 Dec 2013 18:55:01 +0100 |
> For the "maliciously" case: this is Emacs we're talking about. Even if
> implemented in C, a "malicious" intruder can place enough advices to
> circumvent pretty much any such "security". So worrying about this case
> is not very useful.
The malicious case would include a person demonstrating how easy it is
to bypass the Emacs protection mechanism.
> I don't think we want to try and disable pre/post-command-hook, timers,
> process filters, before/after-change-functions, and other redisplay
> hooks just out of paranoia.
IIRC we already cover other cases like undo revealing a previously typed
password as well as passwords ending up in bug reports as recently typed
characters. IMO typing passswords should be based on limited editing
facilities like yanking, self-insertion, cursor movement and deletion
commands.
martin
Re: [Emacs-diffs] trunk r115434: * subr.el (read-passwd): Disable show-paren-mode., Leo Liu, 2013/12/09