parazyd.org/1/git/tomb/commit/b7f4e3a7fd39ad03bcd58e5f5bfbb41a3969f0a5.gph

       tUse print for non-escaped piping of secret - tomb - the crypto undertaker
  HTML git clone git://parazyd.org/tomb.git
   DIR Log
   DIR Files
   DIR Refs
   DIR README
   DIR LICENSE
       ---
   DIR commit b7f4e3a7fd39ad03bcd58e5f5bfbb41a3969f0a5
   DIR parent 489b3582cb3291e60c4002187466e24f07aa5f80
  HTML Author: Jaromil <jaromil@dyne.org>
       Date:   Thu, 20 Nov 2014 15:53:45 +0100
       
       Use print for non-escaped piping of secret
       
       after fixing issue #154 with echo here we revert to using print with
       options -R -n which sort the same effect. Print is preferred since it
       executes the built-in command without any possible ambiguity. We don't
       want to expose secrets to an external executable in case of a simple
       attack that would change the env PATH to use a rootkitted echo.
       
       Diffstat:
         M tomb                                |       2 +-
       
       1 file changed, 1 insertion(+), 1 deletion(-)
       ---
   DIR diff --git a/tomb b/tomb
       t@@ -979,7 +979,7 @@ ask_key_password() {
        # call cryptsetup with arguments using the currently known secret
        # echo flags eliminate newline and disable escape (BSD_ECHO)
        _cryptsetup() {
       -    echo -n -E - "$TOMBSECRET" | cryptsetup --key-file - ${=@}
       +    print -R -n - "$TOMBSECRET" | cryptsetup --key-file - ${=@}
            return $?
        }