getpass — get a password
#include <unistd.h>
char
*getpass( |
const char * | prompt); |
This function is obsolete. Do not use it.
The getpass() function opens
/dev/tty (the controlling
terminal of the process), outputs the string prompt, turns off echoing,
reads one line (the "password"), restores the terminal state
and closes /dev/tty again.
The function getpass()
returns a pointer to a static buffer containing the (first
PASS_MAX bytes of) the password
without the trailing newline, terminated by a null byte
('\0'). This buffer may be overwritten by a following call.
On error, the terminal state is restored, errno is set appropriately, and NULL is
returned.
For libc4 and libc5, the prompt is not written to
/dev/tty but to stderr. Moreover, if /dev/tty cannot be opened, the password is
read from stdin. The static
buffer has length 128 so that only the first 127 bytes of the
password are returned. While reading the password, signal
generation (SIGINT, SIGQUIT, SIGSTOP, SIGTSTOP) is disabled and the corresponding
characters (usually control-C, control-\, control-Z and
control-Y) are transmitted as part of the password. Since
libc 5.4.19 also line editing is disabled, so that also
backspace and the like will be seen as part of the
password.
For glibc2, if /dev/tty
cannot be opened, the prompt is written to stderr and the password is read from
stdin. There is no limit on the
length of the password. Line editing is not disabled.
According to the SUSv2, the value of PASS_MAX must be defined in <limits.h>
in case it is smaller than 8, and can in any case be obtained
using sysconf(_SC_PASS_MAX).
However, POSIX.2 withdraws the constants PASS_MAX and _SC_PASS_MAX, and the function getpass(). Libc4 and libc5 have never
supported PASS_MAX or
_SC_PASS_MAX. Glibc2 accepts
_SC_PASS_MAX and returns
BUFSIZ (e.g., 8192).
The calling process should zero the password as soon as possible to avoid leaving the cleartext password visible in the process's address space.