New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Qt] Don't add arguments of sensitive command to console window #10093
Conversation
5814dd6
to
7278537
Compare
Why? |
Even if we don't persist the console windows content, one may not want to expose private keys (and the wallet passphrase) on the screen. IMO "shell"-like interpreters should never reveal passwords "on screen" after they have been typed-in. |
Agree, it is somewhat useful to prevent shoulder-surfing. Concept ACK. |
ACK 7278537. Code change is trivial. Tested and confirmed it removes arguments onscreen in addition to ones in history (which were already removed before). |
Lightly-tested ACK. |
…e window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
… console window 7278537 [Qt] Don't add arguments of sensitive command to console window (Jonas Schnelli) Tree-SHA512: 3e5aa19a3f157caf383a0fd7dbf9b0d298d31ddaf8e24e3d1a8b913e19f54f3b69e115f98a21f3e3a14e5ccb368b59de061490ed39718299456a04989f8e3366
At the moment, we hide sensitive command arguments from the console history but not from the console window.
This tiny change will also hide the arguments from the console window.
Especially for "importmulti", this may be a little bit annoying because if one executes a command with invalid arguments, you need to start type in everything again.
Ideally we would only filter the command if sensitive arguments have been used (complicated to implement).
List of sensitive commands: