Bug#860817: kedpm: Information leak via the command history file

Wed, 26 Apr 2017 14:04:23 -0700 

Control: tags -1 +patch

I have requested a CVE on the oss-security mailing list.

In the meantime, there's this patch that should apply to jessie and can
probably be backported to wheezy as well.

It simply removes the "passwd" entries from the history before it is
written to disk. It will not hide other password names that are created
or fetched from the database, but I consider that a minor issue that
doesn't warrant a full rearchitecture.

I have also requested complete removal of kedpm from sid/stretch, as it
is unmaintained, see #861277.

A.

-- 
Brief is this existence, as a fleeting visit in a strange house.
The path to be pursued is poorly lit by a flickering consciousness.
                       - Albert Einstein

>From 247287a9fbe05db9279771e67dae8082bc3bdba2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= <anar...@debian.org>
Date: Wed, 26 Apr 2017 16:58:56 -0400
Subject: [PATCH] always prompt for password and do not save to database

---
 kedpm/frontends/cli.py | 38 +++++++++++++++-----------------------
 1 file changed, 15 insertions(+), 23 deletions(-)

diff --git a/kedpm/frontends/cli.py b/kedpm/frontends/cli.py
index db1c27d..1f9df46 100644
--- a/kedpm/frontends/cli.py
+++ b/kedpm/frontends/cli.py
@@ -591,29 +591,21 @@ def complete_rename(self, text, line, begidx, endidx):
         return self.complete_dirs(text, line, begidx, endidx)
 
     def do_passwd(self, arg):
-        """Change master password for opened database
-        
-Syntax:
-    password [new password]
-
-If new password is not provided with command, you will be promted to enter new
-one.
-"""
-
-        if not arg:
-            # Password is not provided with command. Ask user for it
-            pass1 = getpass(_("New password: "))
-            pass2 = getpass(_("Repeat password: "))
-            if pass1 == '':
-                print _("Empty passwords are really insecure. You should " \
-                        "create one.")
-                return
-            if pass1!=pass2:
-                print _("Passwords don't match! Please repeat.")
-                return
-            new_pass = pass1
-        else:
-            new_pass = arg
+        """Change master password for opened database"""
+
+        # remove possibly master password from history file
+        readline.remove_history_item(readline.get_current_history_length()-1)
+        # Password is not provided with command. Ask user for it
+        pass1 = getpass(_("New password: "))
+        pass2 = getpass(_("Repeat password: "))
+        if pass1 == '':
+            print _("Empty passwords are really insecure. You should " \
+                    "create one.")
+            return
+        if pass1!=pass2:
+            print _("Passwords don't match! Please repeat.")
+            return
+        new_pass = pass1
 
         self.pdb.changePassword(new_pass)
         self.printMessage(_("Password changed."))
-- 
2.11.0

Reply via email to