comparison org/emacs-password.org @ 9:8db204acd089
comparison: 8:5676533b82d8 vs. 9:8db204acd089
emacs password concerns.
author: Robert McIntyre <rlm@mit.edu>
date: Tue, 12 Mar 2013 12:31:01 +0000
children: d07e0b902528

#+title: Password Security in Emacs Terminal Emulators
#+author: Robert McIntyre
#+email: rlm@mit.edu
#+description: emacs terminal password security
#+keywords: emacs, password, security, term
#+SETUPFILE: ../../aurellem/org/setup.org
#+INCLUDE: ../../aurellem/org/level-0.org
#+babel: :mkdirp yes :noweb yes :exports both

I use emacs for everything -- email, programming, document
preparation, planning... You name it, I do it! One thing which I use
emacs for is terminal emulation, which is where you create a buffer in
emacs where you can enter commands as if the buffer were a
terminal. Good terminal emulation packages for emacs include
=multi-term= and =term=.

* Watch Out for =view-lossage=!
However, if you are going to use terminal emulation in emacs, you have
to be careful around "sudo" prompts, and when logging into other
servers using ssh, because /the last 300 keystrokes you have typed in
emacs are available/ using =C-h l=, a help function in emacs which
displays the last keypresses you have typed.

#+begin_example
C-h l runs the command view-lossage, which is an interactive compiled
Lisp function in `help.el'.

It is bound to C-h l, <help> l.

(view-lossage)

Display last 300 input keystrokes.
#+end_example

Let's say my password is "sup3r-seekrit#7".

I open an emacs terminal using =M-x multi-term=, then do the following

#+begin_example
[~] $ ssh rlm@linerva.mit.edu
Password:

Welcome to Linerva, the SIPB Linux dialup for MIT.
Linerva runs Debathena on Debian squeeze.
http://linerva.mit.edu for more information
blanche linerva-announce -a $USER # for outage announcements
linerva@mit.edu (not IS&T) for questions and bug reports

Last login: Mon Mar 4 12:53:23 2013 from ella.csail.mit.edu
rlm@dr-wily:~$ exit
logout
Connection to linerva.mit.edu closed.
#+end_example

Now, when I type =C-h l=, I can see this:

#+begin_example
s s h SPC r l m @ l i n e r v a . m i t . e d u <return>
s u p 3 r - s e e k r i t # 7 <return> e x i t C-h l
#+end_example

Needless to say, this is a security problem: the password was never
echoed by ssh, yet anyone who can type =C-h l= in your emacs session
can read it in clear text.

* Solutions to this problem

- If you never type your password into an emacs terminal buffer, then
  you are not at risk. This can be accomplished by using ssh key files
  or Kerberos for connecting to remote servers, and by enabling
  passwordless sudo.

- You can disable emacs keylogging, though you then won't be able to
  use the =view-lossage= command anymore.

- If there's no way for an attacker to get into your emacs process,
  then your passwords are safe. Still, you run the risk of someone
  physically near your computer using this method to view your
  password, as well as inadvertently exposing your password when
  showing someone what =view-lossage= does!

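As an added illustration of the second and third points (this is example
code written for this edit, not code from the original post), here are
three small Emacs Lisp commands: one that checks whether a given secret
is currently sitting in the record that =view-lossage= displays, one that
wipes that record, and one that sends a password to the terminal process
without it ever being typed into the buffer. The =rlm-example/= names are
hypothetical; the functions they call (=recent-keys=,
=clear-this-command-keys=, =read-passwd=, =clear-string=,
=process-send-string=, =cl-search=) are standard Emacs functions.

```elisp
;; Added example, not from the original post.  Helper names prefixed
;; "rlm-example/" are hypothetical; everything they call is stock Emacs.
(require 'cl-lib)

(defun rlm-example/secret-in-lossage-p (secret)
  "Return the index at which SECRET's characters occur, in order and
consecutively, in the keystroke record shown by `view-lossage',
or nil if they do not.  Plain character events are stored as integers,
so a password typed into a terminal buffer appears as a run of its
character codes."
  (cl-search (append secret nil)          ; string -> list of char codes
             (append (recent-keys) nil))) ; key vector -> list of events

(defun rlm-example/scrub-lossage ()
  "Erase the keystroke record that `view-lossage' displays.
Run this right after a secret has been typed into a terminal buffer.
`clear-this-command-keys' with a nil KEEP-RECORD argument clears the
whole record; it is the same call `read-passwd' makes on return."
  (interactive)
  (clear-this-command-keys)
  (message "Recent keystroke record cleared"))

(defun rlm-example/term-send-password ()
  "Read a password without echo in the minibuffer and send it, followed
by a newline, to the process running in the current terminal buffer.
`read-passwd' does not add the input to minibuffer history and clears
the recent-keys record when it returns, so the password is not left
behind for `view-lossage'."
  (interactive)
  (let ((proc (get-buffer-process (current-buffer))))
    (unless proc
      (error "No process is running in this buffer"))
    (let ((pw (read-passwd "Password (not echoed, not logged): ")))
      (unwind-protect
          (process-send-string proc (concat pw "\n"))
        ;; Overwrite the Lisp string so the secret does not linger in the
        ;; heap until it is garbage-collected.
        (clear-string pw)))))
```

Usage note: after reproducing the session above, evaluating
=(rlm-example/secret-in-lossage-p password)= returns a number, and after
=M-x rlm-example/scrub-lossage= it returns nil. Do not type the secret
itself as a literal into =M-:= to run the check, since those keystrokes
are recorded too; evaluate the call from a file, or compare against a
string already held in a variable. At the ssh or sudo prompt, use
=M-x rlm-example/term-send-password= instead of typing the password into
the terminal buffer.
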
* Source Listing
#+html: <ul> <li> <a href="../org/emacs-password.org">This org file</a> </li> </ul>