Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the message contains sensitive information #5095

pull maaku wants to merge 1 commits into bitcoin:master from maaku:rpcpassword-in-debug-log changing 4 files +12 −2
  1. maaku commented at 11:23 PM on October 16, 2014: contributor

    This keeps the message from being output to the debug log by bitcoind. Fixes a possible security risk when starting bitcoind in server mode without the 'rpcpassword' option configured, resulting in the "suggested" password being output to the debug log.

    Fixes #5094.

  2. in src/noui.cpp:None in ea48502838 outdated 
      13 | @@ -14,6 +14,9 @@
  14 |  
  15 |  static bool noui_ThreadSafeMessageBox(const std::string& message, const std::string& caption, unsigned int style)
  16 |  {
  17 | +    bool fSecure = style & CClientUIInterface::SECURE;
  18 | +    style ^= CClientUIInterface::SECURE;
    sipa commented at 11:44 PM on October 16, 2014:

    Sure you don't mean:

    style &= ~CClientUIInterface::SECURE

    here?

    maaku commented at 6:56 AM on October 17, 2014:

    Whoops, yep. The first version had that line inside an if (fSecure) block. Fixing...

  3. laanwj commented at 6:31 AM on October 17, 2014: member

    Looks like an acceptable solution to me (apart from sipa's nit).

  4. Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the message contains sensitive information. This keeps the message from being output to the debug log by bitcoind. Fixes a possible security risk when starting bitcoind in server mode without the 'rpcpassword' option configured, resulting in the "suggested" password being output to the debug log. d4746d56c0
  5. maaku force-pushed on Oct 17, 2014
  6. maaku commented at 6:52 PM on October 17, 2014: contributor

    Pushed an update last night fixing sipa's correct nit.

  7. TheBlueMatt commented at 12:30 AM on October 18, 2014: member 
    -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tested ACK commithash d4746d56c0c45b8721da36bc19b2bdaba5d7d094
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJUQbR4AAoJEIm7uGY+LmXOhPEQAN/yAG2CrjWTcJqB+GDHeL4l
hncyJAVjpAasQFls0D9IxQP8vrb3bRy5m2JjU8npIKgrqJF0+785IZZFoGhw74d+
MofGkx9iFySg91y5VysmIARVAKuGiH6yK6udxSZvH7qU86u4CP/kRJe1qSO0NaMq
zTLab+QdCgwH02qo2sBQtz3+IosRb/+QvqE1JnaxRTcQXOmtatZl4YtA/8Kqq3LX
J6StzsiG+riMaXzm69OOX87Tp/AZa7git5QNxWhPSaHanq5T2sg7cQgOBEE/2cuY
padjK8MfuRer9nDnmgYuHegmKm0MSygc9F2Vk7s1rPpyzUZBZrkXHkPoFeCwZNh9
NsfMALYDRtfM6lZ8qhpn6KOIJPENscZj9WwMGsqdjyPcoqXPCW86Da//R7mDEg0n
EBY4h/xZLM3f00mCr9MKnw35rkKHI++F5poOTpIsfHp9czcJRIoAWKD8x1abfVgK
Inh0ewRXueaJls7xyWuVC3ZQzGmscrpvcntWpkSR/H8/P4pFQc83IbLtAzNRYTGs
Hf7zakkk3CHse6mFOxqRChr7dennNsSuelfA/mswBnreFpLtaZd90EEvR8OMEj13
rEKHvPim78IGObqhuzCOo7RvZMf6nk/9VedYrtzuNWBx4gTZmn6gaojwBWg+VwFX
eE67k9MpQ7aXsshfTDQ5
=ZIVM
-----END PGP SIGNATURE-----
  8. laanwj merged this on Oct 20, 2014
  9. laanwj closed this on Oct 20, 2014
  10. laanwj referenced this in commit 64ffc995d6 on Oct 20, 2014
  11. laanwj commented at 9:37 AM on October 20, 2014: member

    Tested ACK

  12. DrahtBot locked this on Sep 8, 2021
Contributors
maakusipalaanwjTheBlueMatt
Linked (view graph)
#5094 Suggested 'rpcpassword' should not be printed to debug.log
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 18:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me