SetPassword causes usermod with password on the command line
Submitted by Stef Walter
Assigned to Matthias Clasen
Calling SetPassword() on the AccountsService results in a crypted password included on the command line. This seems to me to be minor security hole. It is the equivalent of having /etc/shadow readable by non-root users (albeit only for those who change their password via the AccountsService).
Any other local user can (in a default linux configuration) see the command lines of any other process on the system.
The relevant code is in src/user.c in the user_change_password_authorized_cb() function:
argv = "/usr/sbin/usermod"; argv = "-p"; argv = strings; argv = "--"; argv = user->user_name; argv = NULL;
strings has been set to the crypted password in user_set_password(). The crypted password has been passed from the client (ie: gnome-control-center).