Bug 469589 - SECURITY: testsaslauthd requires plaintext password on command line
Summary: SECURITY: testsaslauthd requires plaintext password on command line
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Fedora
Classification: Fedora
Component: cyrus-sasl
Version: 9
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
 
Reported: 2008-11-02 22:44 UTC by D. Wagner
Modified: 2008-11-03 08:32 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2008-11-03 08:31:52 UTC
Type: ---
Embargoed:



Description D. Wagner 2008-11-02 22:44:54 UTC
Description of problem:

/usr/sbin/testsaslauthd requires the password to be specified on the command line with the -p flag in plaintext.  There is no provision to provide a password via any other mechanism.

This is a security vulnerability (testsaslauthd is "insecure by design").  Command-line arguments are visible to other users in 'ps'.  They are also recorded in .history files, so they will be stored to disk and may persist for an unpredictable amount of time.

You may be tempted to think that this doesn't matter because testsaslauthd is just for testing.  But it is a violation of my security policy to EVER type my password in a place that could cause it to be visible to others or stored in plaintext on my hard disk.  As a result testsaslauthd is not usable by those who must follow similar policies.

Suggestion: Provide a way to specify the password on stdin.


Version-Release number of selected component (if applicable):

# rpm -q -f /usr/sbin/testsaslauthd
cyrus-sasl-2.1.22-15.fc9.x86_64


How reproducible:

This functionality is part of the design of testsaslauthd so is 100% reproducible.


This is a security-related defect but there is no reason to keep it confidential, as the security vulnerability is obvious to anyone who uses the program or reads the manual page.
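Added example, not part of this bug report and not code from cyrus-sasl: a small Python client that does what the report asks of testsaslauthd, taking the password from stdin (or a getpass prompt when stdin is a terminal) so it never enters argv, ps output or shell history. The wire format is the saslauthd unix-socket protocol as I read it from the cyrus-sasl sources (four fields user, password, service, realm, each prefixed with a 16-bit big-endian length, and one length-prefixed reply starting with OK or NO); the fake_saslauthd responder, the demo() harness and the socket path /run/saslauthd/mux in the usage comment are constructed for illustration and are assumptions, not something the report states.

```python
"""Minimal saslauthd test client that reads the password from stdin, not argv."""
import getpass
import socket
import struct
import sys
import threading


def _field(value: str) -> bytes:
    """One protocol field: 16-bit big-endian byte length, then the bytes."""
    data = value.encode()
    return struct.pack("!H", len(data)) + data


def encode_request(user, password, service="imap", realm=""):
    """Request as saslauthd expects it: user, password, service, realm."""
    return b"".join(_field(v) for v in (user, password, service, realm))


def _read_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the socket")
        buf += chunk
    return buf


def read_field(sock):
    (n,) = struct.unpack("!H", _read_exact(sock, 2))
    return _read_exact(sock, n).decode()


def decode_request(sock):
    return tuple(read_field(sock) for _ in range(4))


def read_password(stream=None):
    """Take the password from a pipe/file on stdin, or prompt without echo on a
    tty. Either way it is never a command-line argument."""
    stream = stream or sys.stdin
    if stream.isatty():
        return getpass.getpass("Password: ")
    return stream.readline().rstrip("\n")


def exchange(sock, user, password, service="imap", realm=""):
    """Send one request on an already-connected socket; return (ok, reply)."""
    sock.sendall(encode_request(user, password, service, realm))
    reply = read_field(sock)
    return reply.startswith("OK"), reply


def check(sock_path, user, password, service="imap", realm=""):
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.connect(sock_path)
        return exchange(s, user, password, service, realm)


def fake_saslauthd(sock, accepted):
    """Constructed stand-in for saslauthd (assumption, for offline testing):
    answers one request with OK when the user/password pair is in `accepted`."""
    user, password, _service, _realm = decode_request(sock)
    ok = accepted.get(user) == password
    sock.sendall(_field("OK" if ok else "NO authentication failed"))
    sock.close()


def demo(user, password, accepted):
    """Run client and fake server over a socketpair; returns (ok, reply)."""
    client, server = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    t = threading.Thread(target=fake_saslauthd, args=(server, accepted))
    t.start()
    try:
        return exchange(client, user, password)
    finally:
        client.close()
        t.join()


if __name__ == "__main__":
    # Usage (socket path is an assumption; check your saslauthd configuration):
    #   python3 client.py /run/saslauthd/mux alice < password.txt
    #   python3 client.py /run/saslauthd/mux alice        # prompts, no echo
    path, user = sys.argv[1], sys.argv[2]
    ok, reply = check(path, user, read_password())
    print(reply)
    sys.exit(0 if ok else 1)
```

The point of the design is the split between read_password() and check(): the password only ever exists in process memory and on a stream the caller controls, so `ps`, /proc/PID/cmdline and the shell history file see nothing but the socket path and username. demo() exercises the same encode/decode path against the constructed responder without needing a running saslauthd.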

Comment 1 Tomas Mraz 2008-11-03 08:32:17 UTC
Upstream bug https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=3116

