bug#30190: 27.0.50; term run in line mode shows user passwords

[Tino Calancha]

On Sat, 3 Feb 2018, Noam Postavsky wrote:

> Tino Calancha <tino.calancha@gmail.com> writes:
>
> > Noam Postavsky <npostavs@users.sourceforge.net> writes:
> >
> > > Yes, seems to have been the case for a long time, I can reproduce back
> > > to 24.3 (oldest Emacs version I have running).
> > This is a security risk.  I would like to have it fixed ASAP.
> > Below patch seems to work.  Any feedback would be appreciated.
>
> Doesn't look like that much of a risk to me: the user immediately sees
> the problem, so it's more of a minor nuisance.
It depends of the situation.  Few years ago, my boss watched my password
because this thing; if the password would be an offensive word
against him (it wasn't, he was nice) I could be fired.  I remember he 
mnetioned very proudly that in vi editor the password is always hidden...

This is also a risk while pair-programming; recently I am doing a lot with
several buddies.  I suspect one of my passwords might be compromised.
> > -(defcustom comint-password-prompt-regexp
>
> I don't see an alias for this one.  Otherwise I think it's okay.
Thanks, I will fix that.