GNU logs - #8427, boring messages


Message sent to owner <at> debbugs.gnu.org, bug-gnu-emacs@HIDDEN:


Subject: bug#8427: [SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing
To: 8427 <at> debbugs.gnu.org
From: Jari Aalto <jari.aalto@HIDDEN>
Date: Tue, 05 Apr 2011 14:27:03 +0300
Message-ID: <87fwpxdjlk.fsf@HIDDEN>

Package: emacs
Version: 23.2+1-7
Severity: serious
Tags: security

There is a big security problem with sql.el:

    M-x sql-mysql
    <Fill in the connection details: user, password ...>

At the command line, anyone in a multi-user environment can dig out the
passwords:

   $ ps -ef -o user,pid,args | grep mysql       # ps(1) under SUN/Solaris
   foo  9599 /usr/local/bin/mysql --user=foo --password=123456 --host=db.example.com
   bar  3732 /usr/local/bin/mysql --user=bar --password=abcdef --host=db.example.com

Jari

P.S. mysql(1) mentions that you can set database options in the ~/.my.cnf file.

MySQL case, there is in manual page:

-- System Information
Debian Release: wheezy/sid
  APT Prefers testing
  APT policy: (990, testing) (500, unstable) (1, experimental)
Architecture: amd64
Kernel: Linux picasso 2.6.32-5-amd64 #1 SMP Wed Jan 12 03:40:32 UTC 2011 x86_64 GNU/Linux
Locale: LANG=en_US.UTF-8, LC_ALL=

-- Versions of packages `emacs depends on'.
Depends:
emacs23         23.2+1-7        GNU Emacs is the extensible self-documenting
emacs23-lucid   23.2+1-7        GNU Emacs is the extensible self-documenting
emacs23-nox     23.2+1-7        GNU Emacs is the extensible self-documenting




Message sent:


From: help-debbugs@HIDDEN (GNU bug Tracking System)
To: Jari Aalto <jari.aalto@HIDDEN>
Subject: bug#8427: Acknowledgement ([SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing)
Message-ID: <handler.8427.B.130200283623227.ack <at> debbugs.gnu.org>
Date: Tue, 05 Apr 2011 11:28:01 +0000

Thank you for filing a new bug report with GNU.

This is an automatically generated reply to let you know your message
has been received.

Your message is being forwarded to the package maintainers and other
interested parties for their attention; they will reply in due course.

Your message has been sent to the package maintainer(s):
 bug-gnu-emacs@HIDDEN

If you wish to submit further information on this problem, please
send it to 8427 <at> debbugs.gnu.org.

Please do not send mail to help-debbugs@HIDDEN unless you wish
to report a problem with the Bug-tracking system.

-- 
8427: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=8427
GNU Bug Tracking System
Contact help-debbugs@HIDDEN with problems


Message sent to bug-gnu-emacs@HIDDEN:


Subject: bug#8427: (no subject)
References: <87fwpxdjlk.fsf@HIDDEN>
In-Reply-To: <87fwpxdjlk.fsf@HIDDEN>
To: "8427 <at> debbugs.gnu.org" <8427 <at> debbugs.gnu.org>
Message-ID: <1330472125.33805.YahooMailNeo@HIDDEN>
Date: Tue, 28 Feb 2012 15:35:25 -0800 (PST)
From: Michael Mauger <michael@HIDDEN>

This is not a problem with just sql-mysql, it's an issue with all database
products that require a password.  MySql is one of the few that covers their
tracks after they start up. When sql.el starts up one of these product
interpreters that require a password, it embeds the password in the command
line.  If the operating system, such as GNU/Linux, displays the full command
line of executing processes, the vulnerability exists.

The alternative is to rely upon the operating system's authentication and
authorization so that explicit credentials do not need to be passed to the
command interpreter on the command line.  The one other solution provided by a
couple of database products allows the credentials to be sent via an I/O
channel which would hide them from prying eyes, but may be more difficult to
support cross platform.

I'm open to including a warning about the potential vulnerability -- wording
suggestions appreciated.  Alternative solutions also welcome.




Message received at control <at> debbugs.gnu.org:


Date: Thu, 03 Jan 2013 13:29:10 -0500
Message-Id: <E1TqpXS-0006HM-Tu@HIDDEN>
Subject: control message for bug 8427
To: <control <at> debbugs.gnu.org>
From: Glenn Morris <rgm@HIDDEN>

severity 8427 important
tag 8427 security







Message sent to bug-gnu-emacs@HIDDEN:


Subject: bug#8427: [SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing
From: Glenn Morris <rgm@HIDDEN>
References: <87fwpxdjlk.fsf@HIDDEN>
Date: Wed, 05 Mar 2014 21:06:16 -0500
In-Reply-To: <87fwpxdjlk.fsf@HIDDEN> (Jari Aalto's message of "Tue, 05 Apr 2011 14:27:03 +0300")
Message-ID: <2swqg8rsh3.fsf@HIDDEN>

Jari Aalto wrote:

> There is a big security problem with sql.el:
>
>     M-x sql-mysql
>     <Fill in the connection details: user, password ...>
>
> At command line, anyone in multi-user environment can dig out the
> passwords:
>
>    $ ps -ef -o user,pid,args | grep mysql       # ps(1) under SUN/Solaris
>    foo  9599 /usr/local/bin/mysql --user=foo --password=123456 --host=db.example.com
>    bar  3732 /usr/local/bin/mysql --user=bar --password=abcdef --host=db.example.com

Apparently, no they cannot, since mysql replaces the password characters
with x's:

http://www.lenzg.net/archives/256-basic-mysql-security-providing-passwords-on-the-command-line.html

I tested it and it is so hidden for me.


Also, with recent Linux kernels, you can enable the procfs "hidepid"
feature to prevent this entire class of information leakage.


So I don't think Emacs needs to do anything but maybe add a warning
statement to the doc string.

Downgrading bug severity accordingly.




Message received at control <at> debbugs.gnu.org:


Date: Wed, 05 Mar 2014 21:06:25 -0500
Message-Id: <E1WLNhZ-0000jQ-Ic@HIDDEN>
Subject: control message for bug 8427
To: <control <at> debbugs.gnu.org>
From: Glenn Morris <rgm@HIDDEN>

severity 8427 normal




Message sent to bug-gnu-emacs@HIDDEN:


Subject: bug#8427: [SECURITY] sql.el -- comint process passwords are leaked to ps(1) listing
To: Glenn Morris <rgm@HIDDEN>
Cc: 8427 <at> debbugs.gnu.org
From: Stefan Monnier <monnier@HIDDEN>
Message-ID: <jwva9d1fw9a.fsf-monnier+emacsbugs@HIDDEN>
References: <87fwpxdjlk.fsf@HIDDEN> <2swqg8rsh3.fsf@HIDDEN>
Date: Fri, 07 Mar 2014 18:02:36 -0500
In-Reply-To: <2swqg8rsh3.fsf@HIDDEN> (Glenn Morris's message of "Wed, 05 Mar 2014 21:06:16 -0500")

> Apparently, no they cannot, since mysql replaces the password characters
> with x's:

Of course, that still leaves the chars exposed during a short time window.


        Stefan
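The three points the thread makes, as an added example that is not code from the bug thread or from sql.el: a detector run over constructed `ps -o user,pid,args` output that reports which processes carry a password in argv without echoing the secret, a redactor that does to a command line what Glenn Morris describes mysql doing to its own, and a launcher that hands mysql its credentials through a 0600 option file named by `--defaults-extra-file` so nothing secret is in argv during Stefan Monnier's "short time window" either (the option-file route Jari's postscript points at). The `-pSECRET` and `--password SECRET` spellings, and every sample line beyond the report's two, are assumptions.

```python
"""Credential exposure via process argument lists (bug#8427): a detector run
over `ps` output and a launcher that keeps mysql's password out of argv.
Added example, not code from the bug thread or from sql.el."""
import contextlib
import os
import re
import stat
import tempfile
from typing import Iterator, List, Tuple

# Argument shapes that put a secret in argv: '--password=' as shown in the
# report, plus mysql's '--password SECRET' and '-pSECRET' spellings. A value
# may not start with '-', so a bare '--password' (mysql then prompts) is not
# flagged.
SECRET_PATTERNS = [
    re.compile(r"(?P<opt>--password)=(?P<secret>\S+)"),
    re.compile(r"(?P<opt>--password)\s+(?P<secret>[^-\s]\S*)"),
    re.compile(r"(?<!\S)(?P<opt>-p)(?P<secret>[^-\s]\S*)"),
]

# Constructed `ps -e -o user,pid,args` output; the first two process lines
# mirror the example in the bug report.
PS_SAMPLE = """\
USER       PID COMMAND
foo       9599 /usr/local/bin/mysql --user=foo --password=123456 --host=db.example.com
bar       3732 /usr/local/bin/mysql --user=bar --password=abcdef --host=db.example.com
baz       4100 /usr/local/bin/mysql --user=baz --host=db.example.com
quux      4300 /usr/local/bin/mysql -uquux -phunter2 --host=db.example.com
"""

def find_exposed_credentials(ps_output: str) -> List[Tuple[str, int, str]]:
    """Return (user, pid, option) for each process whose argv carries a
    secret. The secret itself is never returned, so the result can go to a
    log or monitoring system without reproducing the leak."""
    findings = []
    for line in ps_output.splitlines():
        parts = line.split(None, 2)
        if len(parts) < 3 or not parts[1].isdigit():
            continue  # header line, or a process with no arguments
        user, pid, args = parts[0], int(parts[1]), parts[2]
        for pat in SECRET_PATTERNS:
            m = pat.search(args)
            if m:
                findings.append((user, pid, m.group("opt")))
                break
    return findings

def redact(command_line: str) -> str:
    """Replace each secret in a command line with x's of the same length,
    which is what mysql does to its own argv after start-up."""
    def mask(m: "re.Match[str]") -> str:
        keep = m.start("secret") - m.start()
        return m.group(0)[:keep] + "x" * len(m.group("secret"))
    for pat in SECRET_PATTERNS:
        command_line = pat.sub(mask, command_line)
    return command_line

def _cnf_quote(value: str) -> str:
    """Double-quote an option-file value, escaping backslash and quote."""
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'

def option_file_is_private(path: str) -> bool:
    """True if the file is readable and writable by its owner only (0600)."""
    return stat.S_IMODE(os.stat(path).st_mode) == 0o600

@contextlib.contextmanager
def mysql_client_argv(user: str, host: str, password: str) -> Iterator[List[str]]:
    """Yield an argv for mysql that carries no secret: the credentials go
    into a private option file named by --defaults-extra-file (which mysql
    requires to be the first option). The file is removed on exit."""
    fd, path = tempfile.mkstemp(prefix="sql-client-", suffix=".cnf")  # mode 0600
    try:
        with os.fdopen(fd, "w") as f:
            f.write("[client]\n")
            for key, val in (("user", user), ("password", password), ("host", host)):
                f.write(f"{key}={_cnf_quote(val)}\n")
        yield ["mysql", f"--defaults-extra-file={path}"]
    finally:
        os.unlink(path)
```

Run the detector over real `ps -e -o user,pid,args` output on a shared host to see whether any client is still started the argv way; on a kernel with procfs `hidepid` set, other users' lines simply do not appear.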





Last modified: Fri, 31 Oct 2014 17:00:04 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.