1993-07-09 - emacs stuff
Header Data
From: eichin@cygnus.com (Mark Eichin)
To: shipley@merde.dis.org
Message Hash: f07984fc166a2ac5e00688a2033ecaea1647482585d50a915ac62c07cbd1303b
Message ID: <9307091804.AA03813@cygnus.com>
Reply To: <9307082128.AA02549@merde.dis.org>
UTC Datetime: 1993-07-09 18:05:19 UTC
Raw Date: Fri, 9 Jul 93 11:05:19 PDT
Raw message
From: eichin@cygnus.com (Mark Eichin)
Date: Fri, 9 Jul 93 11:05:19 PDT
To: shipley@merde.dis.org
Subject: emacs stuff
In-Reply-To: <9307082128.AA02549@merde.dis.org>
Message-ID: <9307091804.AA03813@cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain
>> ;;; * They do "ps auxww" (SunOS) on your machine while you're
>> ;;; decrypting/signing.
It should be possible, with pgp 2.2, to eliminate this
vulnerability.
>> ;;; * They type C-h v *pgp-passphrase* in your emacs after you've
That's easy to clear optionally. What's hard to clear is "m-x
view-lossage" which has the raw characters. (I think emacs should have
support for safe reading and clearing, but I don't know if rms would
go for it. You'd need an excuse *other* than passwords.)
>> ;;; * They watch over your shoulder as you type it. (It's not invisible.)
Didn't read-password or read-no-echo ever make it into an
emacs release? Here are some ancient bits that I use.
_Mark_ <eichin@athena.mit.edu>
MIT Student Information Processing Board
Cygnus Support <eichin@cygnus.com>
;; ucbvax!brahms!weemba Matthew P Wiener/UCB Math Dept/Berkeley CA 94720
;;; GNU Emacs library to read in passwords from the minibuffer
;;; Standard GNU copying privileges apply
(setq minibuffer-local-no-echo-map (make-keymap))
(mapcar '(lambda (x) (aset minibuffer-local-no-echo-map (car x) (cdr x)))
(cdr minibuffer-local-map))
(let ((i ?\040))
(while (< i ?\177)
(aset minibuffer-local-no-echo-map i 'read-char-no-echo)
(setq i (1+ i))))
(aset minibuffer-local-no-echo-map ?\177 'delete-char-no-echo)
;; This function squirrels each typed-in character away.
(defun read-char-no-echo () (interactive)
(setq no-echo-list (append no-echo-list (list (this-command-keys)))))
;; This function erases the last character from the input list.
(defun delete-char-no-echo () (interactive)
(setq no-echo-list (nreverse (cdr (nreverse no-echo-list)))))
;; This is the function the user actually uses.
(defun read-string-no-echo (prompt)
"Get a password from the minibuffer, prompting with PROMPT."
(let (no-echo-list)
(read-from-minibuffer prompt nil minibuffer-local-no-echo-map)
(mapconcat 'identity no-echo-list nil)))
;;;;;;;;;;;;;;;;;;;;;This crudity is just for demo!;;;;;;;;;;;;;;;;;;;;
(defun read-password ()
"Prompts for a password, and doesn't echo it, stores it in 'secret'"
(interactive)
(setq secret (read-string-no-echo "Password: ")))
(defun shell-password ()
"Prompts for password, no echo, and sends it to the shell"
(interactive)
(process-send-string (get-buffer-process (current-buffer))
(concat
(read-string-no-echo "Password: ")
"\n")))
Thread
Return to July 1993
- Return to “eichin@cygnus.com (Mark Eichin)”
Return to “Peter shipley <shipley@merde.dis.org>”
- 1993-07-09 (Fri, 9 Jul 93 10:42:12 PDT) - No Subject - Peter shipley <shipley@merde.dis.org>
- 1993-07-09 (Fri, 9 Jul 93 11:05:19 PDT) - emacs stuff - eichin@cygnus.com (Mark Eichin)