Use print for non-escaped piping of secret

after fixing issue #154 with echo here we revert to using print with
options -R -n which sort the same effect. Print is preferred since it
executes the built-in command without any possible ambiguity. We don't
want to expose secrets to an external executable in case of a simple
attack that would change the env PATH to use a rootkitted echo.
This commit is contained in:
Jaromil 2014-11-20 15:53:45 +01:00
parent 489b3582cb
commit b7f4e3a7fd

2
tomb
View File

@ -979,7 +979,7 @@ ask_key_password() {
# call cryptsetup with arguments using the currently known secret # call cryptsetup with arguments using the currently known secret
# echo flags eliminate newline and disable escape (BSD_ECHO) # echo flags eliminate newline and disable escape (BSD_ECHO)
_cryptsetup() { _cryptsetup() {
echo -n -E - "$TOMBSECRET" | cryptsetup --key-file - ${=@} print -R -n - "$TOMBSECRET" | cryptsetup --key-file - ${=@}
return $? return $?
} }