|
From: | Stefan Monnier |
Subject: | Re: [Patch] Avoid recording chars when reading passwords |
Date: | Wed, 15 Jun 2022 08:27:51 -0400 |
User-agent: | Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (gnu/linux) |
> The next question is: do we want to enable this by default I'm strongly in favor of it being enabled by default, yes. I think most people expect that their passwords aren't trivially available in clear from the lossage. > and in a way that users cannot have the previous behavior back? I'd think being able to redefine `read-password` is sufficient, because it should really be extremely uncommon to need your password to appear in lossage and/or a dribble file. Stefan
[Prev in Thread] | Current Thread | [Next in Thread] |