[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Patch] Avoid recording chars when reading passwords

From: Stefan Monnier
Subject: Re: [Patch] Avoid recording chars when reading passwords
Date: Wed, 15 Jun 2022 08:27:51 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (gnu/linux)

> The next question is: do we want to enable this by default

I'm strongly in favor of it being enabled by default, yes.
I think most people expect that their passwords aren't trivially
available in clear from the lossage.

> and in a way that users cannot have the previous behavior back?

I'd think being able to redefine `read-password` is sufficient, because
it should really be extremely uncommon to need your password to appear
in lossage and/or a dribble file.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]