help-shishi
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bug#442094: displays entered password

From: Simon Josefsson
Subject: Bug#442094: displays entered password
Date: Thu, 13 Sep 2007 17:08:04 +0200
User-agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1 (gnu/linux) 
Jack Bates <address@hidden> writes:

> Sorry I've not had time until now to test and provide feedback on
> libpam-shishi. Thank you for developing this software.
>
> Using libpam-shishi, my password is displayed as I enter it. For
> instance, when logging into a console, most PAM plugins don't display
> the password as it's entered. However when using libpam-shishi, the
> password is displayed.

Hi Jack!  Thanks for the report.  I was quite surprised to hear that,
but looking at the source, I suspect some debug code was still present.
I probably mostly used this under X11 and didn't see this.

I have committed the patch below which looks like the right thing, but I
have not tested it.  If you can easily build Shishi from GIT yourself
and test whether the problem is fixed, that would help.

Thanks,
Simon

commit 64ba04853d9d3cdb949ec789ae6e33bbfe06049e
Author: Simon Josefsson <address@hidden>
Date:   Thu Sep 13 17:05:25 2007 +0200

    Add.

diff --git a/NEWS b/NEWS
index 2f50b10..ab2f635 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,9 @@ See the end for copying conditions.
 
 * Version 0.0.33 (unreleased)
 
+** libpam_shishi: Don't echo password when reading it from console.
+Reported by Jack Bates <address@hidden>.
+
 ** Update translations.
 
 * Version 0.0.32 (released 2007-06-29)

commit 077dd5363b17cdd5565eeff68c0573205e4f7675
Author: Simon Josefsson <address@hidden>
Date:   Thu Sep 13 17:05:00 2007 +0200

    Don't echo password to console (untested patch).
    Reported by Jack Bates <address@hidden>.

diff --git a/extra/pam_shishi/pam_shishi.c b/extra/pam_shishi/pam_shishi.c
index 22641f4..cd92bad 100644
--- a/extra/pam_shishi/pam_shishi.c
+++ b/extra/pam_shishi/pam_shishi.c
@@ -126,7 +126,7 @@ pam_sm_authenticate (pam_handle_t * pamh,
       pmsg[0] = &msg[0];
       asprintf ((char **) &msg[0].msg, "Password for address@hidden': ",
                shishi_principal_default (h), shishi_realm_default (h));
-      msg[0].msg_style = PAM_PROMPT_ECHO_ON;
+      msg[0].msg_style = PAM_PROMPT_ECHO_OFF;
       resp = NULL;
 
       retval = conv->conv (nargs, (const struct pam_message **) pmsg,
reply via email to
[Prev in Thread] Current Thread [Next in Thread]