RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 21:17:45 +00:00
Code Issues Activity Actions

LibCore: Make get_password return SecretString instead of String

Browse source 
We shouldn't let secrets sit around in memory, as they could potentially
be retrieved by an attacker, or left in memory during a core dump.
This commit is contained in:
Brian Gianforcaro 2021-09-11 09:53:25 -07:00 committed by Andreas Kling
parent 3bf6902790
commit 9e667453c7
6 changed files with 12 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

3
Userland/Utilities/passwd.cpp
View file

@ -5,6 +5,7 @@
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <AK/ScopeGuard.h>
#include <LibCore/Account.h>
#include <LibCore/ArgsParser.h>
#include <LibCore/GetPassword.h>
@ -114,7 +115,7 @@ int main(int argc, char** argv)
return 1;
}
if (new_password.value() != new_password_retype.value()) {
if (new_password.value().view() != new_password_retype.value().view()) {
warnln("Sorry, passwords don't match.");
warnln("Password for user {} unchanged.", target_account.username());
return 1;