
Leaking secret through Password validation message #45

Closed
AuHau opened this issue Aug 8, 2018 · 6 comments
Comments

@AuHau
Collaborator

AuHau commented Aug 8, 2018

Today I realized that when you use the Password question and supply an invalid value, the entered value is printed in plaintext in the error message.

I believe that this should not be the correct behavior, as it could result in accidentally leaking the secret to the surroundings (in a sense, somebody watching over my shoulder).

I would take inspiration on how to approach this from well-established utilities like sudo, which does not even print any chars, to prevent leaking the length of the secret.

I could do a PR to fix this.

@magmax
Owner

magmax commented Aug 8, 2018

Not printing any character is a bad idea, because some users think that they wrote nothing. But Inquirer is here to try to think of any option, so setting an empty character should be allowed.

I will take a look at this issue.

Thank you for reporting!

@AuHau
Collaborator Author

AuHau commented Aug 8, 2018

Well, since Inquirer is focused on the CLI environment, some level of user knowledge could be assumed (and hence knowledge of how CLI tools handle entering secrets). But on the other hand, the current behavior is common in the web environment, so I guess it is alright to print stars.

But I would be quite careful about printing the secret in validation messages, as reported earlier...

@AuHau
Collaborator Author

AuHau commented Sep 20, 2018

@magmax any update? I could do a PR for the validation message not printing the entered value; would that be acceptable for you?

magmax added a commit that referenced this issue Sep 23, 2018
@magmax
Owner

magmax commented Sep 23, 2018

This should fix it. Try the example/password.py file.

@AuHau
Collaborator Author

AuHau commented Sep 23, 2018

Hmm, I think you tackled a bit of a different problem. I also mentioned it here, but it was not the more important one ;-) I was more referring to leaking secrets through the validation messages, e.g. "'my super secret password' is not valid password".
I have created a PR to show you what I have in mind ;-)
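As an added illustration of the two points raised in this thread (the validation message echoing the rejected secret, and the choice between star masking and sudo-style no echo), here is a stdlib-only Python sketch. It is not code from python-inquirer or from any participant, and it does not use the inquirer API; the names `SecretValidationError`, `mask_secret`, `validate_secret`, `leaky_validation_message`, `safe_validation_message` and `prompt_secret`, the minimum-length and digit rules, and the `"hunter2"` sample value are all illustrative assumptions. The error carries only a masked rendering of the value, and an empty `echo_char` hides even the length, which is the option magmax suggests allowing.

```python
"""Password validation that never puts the secret into an error message.

Illustrative example only: stdlib, no inquirer API. All names and the
password rules below are assumptions, not any library's interface.
"""
import getpass
import re
from typing import Optional


class SecretValidationError(ValueError):
    """Validation failure whose message contains a masked rendering of
    the rejected value (or a placeholder), never the value itself."""

    def __init__(self, reason: str, masked: str) -> None:
        shown = masked if masked else "<hidden>"
        super().__init__(f"{shown} is not a valid password: {reason}")
        self.reason = reason
        self.masked = masked


def mask_secret(value: str, echo_char: Optional[str] = "*") -> str:
    """Render a secret for display.

    echo_char="*" gives web-style stars (this still reveals the length);
    echo_char="" or None gives sudo-style output: nothing at all, so the
    length stays hidden as well.
    """
    if not echo_char:
        return ""
    return echo_char[0] * len(value)


def leaky_validation_message(value: str) -> str:
    """The behaviour the issue reports: the rejected secret is
    interpolated verbatim into the error text."""
    return f"'{value}' is not valid password"


def validate_secret(value: str, echo_char: Optional[str] = "*",
                    min_length: int = 8) -> str:
    """Return value if it passes the (assumed) rules; otherwise raise
    SecretValidationError whose str() holds the mask, not the secret."""
    masked = mask_secret(value, echo_char)
    if len(value) < min_length:
        raise SecretValidationError(
            f"must be at least {min_length} characters", masked)
    if not re.search(r"\d", value):
        raise SecretValidationError("must contain a digit", masked)
    return value


def safe_validation_message(value: str,
                            echo_char: Optional[str] = "*") -> Optional[str]:
    """Hardened counterpart of leaky_validation_message: the text shown
    to the user for an invalid value, or None when the value is valid."""
    try:
        validate_secret(value, echo_char)
    except SecretValidationError as exc:
        return str(exc)
    return None


def prompt_secret(prompt: str = "Password: ",
                  echo_char: Optional[str] = None) -> str:
    """Interactive loop: read without echo via getpass and retry on a
    validation error, printing only the masked message."""
    while True:
        value = getpass.getpass(prompt)
        try:
            return validate_secret(value, echo_char)
        except SecretValidationError as exc:
            print(exc)


if __name__ == "__main__":
    # Constructed sample value, used only to contrast the two messages.
    sample = "hunter2"
    print("leaky:", leaky_validation_message(sample))
    print("safe (stars):", safe_validation_message(sample, "*"))
    print("safe (no echo):", safe_validation_message(sample, ""))
    prompt_secret()
```

Running the module shows the leaky message containing `hunter2` next to the two safe variants (`******* is not a valid password: ...` and `<hidden> is not a valid password: ...`) before dropping into the no-echo prompt.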

@AuHau
Collaborator Author

AuHau commented Mar 5, 2019

Fixed with #53.

@AuHau AuHau closed this as completed Mar 5, 2019