Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.4
-
None
-
Mac OS X Mountain Lion
Apache Maven 3.0.3 (r1075438; 2011-02-28 11:31:09-0600)
Maven home: /usr/share/maven
Java version: 1.6.0_37, vendor: Apple Inc.
Java home: /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home
Default locale: en_US, platform encoding: MacRoman
OS name: "mac os x", version: "10.8.2", arch: "x86_64", family: "mac"Mac OS X Mountain Lion Apache Maven 3.0.3 (r1075438; 2011-02-28 11:31:09-0600) Maven home: /usr/share/maven Java version: 1.6.0_37, vendor: Apple Inc. Java home: /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home Default locale: en_US, platform encoding: MacRoman OS name: "mac os x", version: "10.8.2", arch: "x86_64", family: "mac"
Description
At the "GPG Passphrase" prompt, if I hit the backspace key during the entry, the passphrase is printed in cleartext with one less character. For example:
GPG Passphrase: ******************^R mysecretpasswor*^R mysecretpasswo*^R mysecretpassw*^R mysecretpass*^R mysecretpas*^R mysecretpa*^R mysecretp*^R mysecret*^R mysecre*^R mysecr*^R mysec*^R myse*^R mys*^R my*^R m*^R *^R *
This can be fixed by replacing the MaskingThread with Java 6's built-in password prompt (as the code comment had suggested to do):
Console console = System.console(); if ( console != null ) { pass = new String( console.readPassword( "GPG Passphrase: " ) ); }