7zip Password in terminal isn't masked #97
Comments
ACR-Jeff
changed the title
|
I can confirm that this happens on my system too. I installed arch and 7zip today so everything is up to date (date when I write this comment, it is "7zip 24.09-3"). It also happens when decompressing (decrypting) archives and the user doesn't have to repeat the password, it is only entered once. I understand that this is a bug since the changelog mentions not echoing passwords from 2010. Btw, this isn't password encryption, I suggest the title: "Password is echoed in terminal" or something like that. |
Correct, I was sleeping when typing lol. It's more like masking the password with *** or nothing at all visible when typing a password as standard practice. I will correct my title. Thank you for your confirmation. |
ACR-Jeff
changed the title
My system: Void Linux, 7zip version 24.09
Very serious security risk
When creating a
7z a -p filename.tar.7z "dirname"archive the users input isn't masked with *** or nothing visible at all while typing the password.This only happens with 7zip while creating a password protected archive, No other observations of this within the Terminal or within the system other than 7zip.
After posting I did some research and there is an existing outdated report on 7-zip's sourceforge https://sourceforge.net/p/sevenzip/bugs/2450/
The text was updated successfully, but these errors were encountered: