[issue7208] Getpass echo's password to screen on 2.6, but not on 2.5 or 3.1
Gregory P. Smith
report at bugs.python.org
Sat Oct 31 23:26:15 CET 2009
Gregory P. Smith <greg at krypto.org> added the comment:
It might mean that other threads with access to the same file handle
could interfere and intercept part of the password entry if they wanted
to but thats not too concerning.
py3k/Modules/_io/bufferedio.c which is presumably used when input is
sys.stdin instead of a /dev/tty file appears to lock things.
Compared to glibc's getpass implementation the locking should probably
be done around a wider swath of getpass code in order to protect all
possible race conditions of other code accessing the handle as we set it
up and display the prompt. I don't really think it is something worry
about as it requires code executing within the context of your own
getpass calling program to be doing something that'll interfere with
your password reading. If someone has -that- problem they have bigger
issues.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue7208>
_______________________________________
More information about the Python-bugs-list
mailing list