Bug#778924: ITP: linssid -- graphical wireless scanner

Timo Juhani Lindfors Sun, 22 Feb 2015 07:33:37 -0800

Hi,

Joao Eriberto Mota Filho <eribe...@debian.org> writes:
> Package: wnpp
> Severity: wishlist
> Owner: Joao Eriberto Mota Filho <eribe...@debian.org>
>
> * Package name    : linssid
>   Version         : 2.7
>   Upstream Author : Warren Severin <wseve...@warsev.com>
> * URL             : https://sf.net/projects/linssid


I took a brief look at the source code and noticed that it leaks user's
password in the process list:

void MainForm::addInterfaces() {
...
commandLine = "echo \'" + password + "\' | sudo -kS -p \"\" " + commandLine;
...
if (system(commandLine.c_str()) == 0) {


-Timo


-- 
To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/847fvakn7y....@sauna.l.org

Bug#778924: ITP: linssid -- graphical wireless scanner

Reply via email to