[kdepim-users] keystrokes being echoed
Martin Steigerwald
martin at lichtvoll.de
Wed Sep 16 20:15:31 BST 2015
Am Sonntag, 16. August 2015, 23:35:17 CEST schrieb Ingo Klöcker:
> On Saturday 15 August 2015 09:01:40 René J.V. Bertin wrote:
> > Hi,
Hello Ingo,
> > I'm running KDE PIM 4.13.3 but just updated my KDE libs to 4.14.11
> > (git/head). Moments ago kontact crashed on me (hopefully unrelated),
> > and now I'm getting an echo (on the calling terminal) of the (ascii)
> > code of every key I hit in text/message body frames but also in the
> > subject line. Quite annoying.
>
> I'm seeing this in KMail resp., more specifically, in KMail's new mail
> composer. It's indeed pretty annoying.
It is not just annoying. Its a security / privacy hole.
> > Is this a debugging feature in KDE PIM that I somehow triggered, or
> > should I file a kdelibs bug report?
>
> My guess is that someone added a corresponding debug statement to KMail
> to track down some bug and then forgot to remove it again before pushing
> the fix. I suggest filing a bug for KMail, but it's possible that it
> will be closed immediately because it has already been fixed for the
> next version KMail/Kontact (which will be based on Qt5/KF5).
This is also in Konqueror and actually it is a security hole as it basically
implements a local keylogger. Anything with access to ~/.xsession-errors can
grab everything typed within KMail an Konqueror.
Bug#799186: konqueror: now comes with built-in keylogger
http://bugs.debian.org/799186
I will report it upstream until Thorsten beats me to it.
Thanks,
--
Martin
_______________________________________________
KDE PIM users mailing list
Subscription management: https://mail.kde.org/mailman/listinfo/kdepim-users
More information about the kdepim-users
mailing list