Signed-off-by: Sami Kerola <kerolasa@xxxxxx>
---
login-utils/newgrp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/login-utils/newgrp.c b/login-utils/newgrp.c
index 55dad1b..84e20b0 100644
--- a/login-utils/newgrp.c
+++ b/login-utils/newgrp.c
@@ -99,9 +99,10 @@ static int allow_setgid(struct passwd *pe, struct group *ge)
if (!(pwd = get_gshadow_pwd(ge->gr_name)))
pwd = ge->gr_passwd;
- if (pwd && *pwd && (xpwd = getpass(_("Password: ")))) {
+ if (pwd && *pwd && (xpwd = xgetpass(_("Password: ")))) {
char *cbuf = crypt(xpwd, pwd);
+ memset_s(xpwd, strlen(xpwd), 0);
if (!cbuf)
warn(_("crypt() failed"));
else if (strcmp(pwd, cbuf) == 0)
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
