Passwords are not protected by secure input entry in macOS

[aapeliv]

Expected Behavior

Password fields that are not visible should be inaccessible to event taps by other apps. See Apple tech note TN2150. With SIP, this also stops root apps from creating such taps.

Current Behavior

Passwords can be accessed using an event tap (at least for apps registered in the accessibility menu, e.g. Dropbox).

Possible Solution

See PR

Steps to Reproduce

1. Open Keepass and a keylogger (e.g. https://github.com/caseyscarborough/keylogger)
2. Type text into a password field that is hidden

Context

Debug Info

KeePassXC - Version 2.4.3
Revision: 5d6ef0c

Qt 5.12.3
Debugging mode is disabled.

Operating system: macOS Mojave (10.14)
CPU architecture: x86_64
Kernel: darwin 18.5.0

Enabled extensions:

• Auto-Type
• Browser Integration
• SSH Agent
• KeeShare (signed and unsigned sharing)
• YubiKey
• TouchID

Cryptographic libraries:
libgcrypt 1.8.4

[droidmonkey]

This tech note is from 2007. The methods applied are no longer valid.