[Security] Do not allow setting user passwords on the commandline #341
Comments
Please submit a PR against the Development branch to add this functionality.

On Mon, Jan 25, 2021 at 9:48 PM AJ Jordan wrote:

This is a security vulnerability because under an out-of-the-box Linux configuration, any user can read any process' command line arguments. That means that a local attacker would be able to see the new password as the command was being run.

To prevent this lxdui user update and friends should drop their -p option and instead only accept passwords interactively or via environment variable (environment variables are secure because they do not have the same problem, and they can be used in noninteractive settings just as easily).
strugee added a commit to strugee/lxdui that referenced this issue (Jan 27, 2021)
This was referenced Jan 27, 2021
strugee added a commit to strugee/lxdui that referenced this issue (Feb 5, 2021)
ailegion pushed a commit that referenced this issue (Jul 1, 2021)
This is a security vulnerability because under an out-of-the-box Linux configuration, any user can read any process' command line arguments. That means that a local attacker would be able to see the new password as the command was being run.

To prevent this lxdui user update and friends should drop their -p option and instead only accept passwords interactively or via environment variable (environment variables are secure because they do not have the same problem, and they can be used in noninteractive settings just as easily).
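The following is an added example, not code from lxdui or from the issue's participants, of the fix the report asks for: a CLI that refuses a password given as an argument and takes it from an environment variable or a non-echoing prompt instead. It also shows, by reading the permission bits of the process's own /proc files, why the two channels differ on Linux: /proc/<pid>/cmdline is world-readable, /proc/<pid>/environ is readable only by the process owner. The flag names (-p/--password) and the variable name (LXDUI_PASSWORD) are assumptions for the example, not lxdui's actual option or variable names.

```python
"""Added example: refuse passwords in argv; read them from an environment
variable or an interactive prompt instead.

Assumed names (not lxdui's own): the -p/--password flags and LXDUI_PASSWORD.
"""
import os
import stat
import sys
from getpass import getpass
from typing import Callable, Mapping, Sequence

PASSWORD_FLAGS = ("-p", "--password")   # assumed flag names
PASSWORD_ENV = "LXDUI_PASSWORD"         # assumed variable name


def proc_file_modes(pid="self") -> dict:
    """Permission bits of /proc/<pid>/cmdline and /proc/<pid>/environ.

    On Linux cmdline is 0444 (any local user may read it) while environ is
    0400 (owner only); that difference is what the report relies on.
    Returns {} where /proc is not available (non-Linux, some sandboxes)."""
    modes = {}
    for name in ("cmdline", "environ"):
        try:
            st = os.stat(f"/proc/{pid}/{name}")
        except OSError:
            return {}
        modes[name] = stat.S_IMODE(st.st_mode)
    return modes


def cmdline_of(pid="self") -> list:
    """argv of a process exactly as /proc exposes it (NUL-separated)."""
    try:
        with open(f"/proc/{pid}/cmdline", "rb") as fh:
            raw = fh.read()
    except OSError:
        return []
    return [a.decode(errors="replace") for a in raw.split(b"\0") if a]


def password_in_argv(argv: Sequence[str]) -> bool:
    """True if argv carries a password in any of these spellings:
    '-p SECRET', '--password SECRET', '--password=SECRET'."""
    return any(arg in PASSWORD_FLAGS or arg.startswith("--password=")
               for arg in argv)


def resolve_password(argv: Sequence[str], environ: Mapping[str, str],
                     prompt: Callable[[str], str] = getpass) -> str:
    """Obtain the password without it ever having been in argv.

    Order: reject argv outright, then the environment variable, then an
    interactive prompt (getpass does not echo). `prompt` is injectable so
    the logic can be exercised without a terminal."""
    if password_in_argv(argv):
        raise ValueError(
            f"passwords are not accepted on the command line; "
            f"set {PASSWORD_ENV} or enter it at the prompt")
    pw = environ.get(PASSWORD_ENV, "")
    if pw:
        return pw
    pw = prompt("New password: ")
    if not pw:
        raise ValueError("empty password")
    return pw


def main(argv=None) -> int:
    argv = sys.argv[1:] if argv is None else argv
    # What every other local user can see of this process on a default /proc:
    print("cmdline as exposed by /proc:", cmdline_of())
    print("/proc modes:", {k: oct(v) for k, v in proc_file_modes().items()})
    try:
        pw = resolve_password(argv, os.environ)
    except ValueError as e:
        print("error:", e, file=sys.stderr)
        return 2
    print(f"password accepted ({len(pw)} chars); it never appeared in argv")
    return 0


if __name__ == "__main__":
    sys.exit(main())
```

Two practitioner caveats on the environment-variable path: it is private only with respect to other users, since processes running as the same user and any child processes the tool spawns inherit the variable, and setting it inline on the command line (VAR=... lxdui ...) still lands in shell history. Mounting /proc with hidepid=2 is a system-level hardening that hides other users' processes entirely, but a CLI should not rely on it being present.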