bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#36154: 26.2; read-passwd function creates a security issue

From: Phil Sainty
Subject: bug#36154: 26.2; read-passwd function creates a security issue
Date: Thu, 10 Oct 2019 16:01:47 +1300
User-agent: Orcon Webmail 
On 2019-10-10 13:49, Noam Postavsky wrote:

Phil Sainty <psainty@orcon.net.nz> writes:
A potential solution to this would to make the low-level kill functions 
respect a new `inhibit-kill-ring' variable, such that nothing would be
added to the kill ring if that was non-nil.


IMO, it would be bettter to rebind the kill commands to corresponding
delete commands in read-passwd-map.


My main argument against that (at least as a complete solution) is that
is necessitates *knowing* what all the kill commands are, and what their
corresponding delete commands would be.

This would also mean maintaining that moving forwards for standard
commands; but that still wouldn't account for arbitrary third-party and
custom commands which call `kill-new'.

I think such remapping of standard commands would be entirely reasonable
as an *additional* step (particularly if it was wrapped into a minor mode), but personally I think there is a greater benefit (with wider application) 
in the `inhibit-kill-ring' notion.


-Phil
reply via email to
[Prev in Thread] Current Thread [Next in Thread]