Fwd: KWallet weaknesses (was: [PATCH] Make pinentry-qt read and store passphrases in KDE 3.2's wallet)
George Staikos
staikos at kde.org
Sat Dec 6 19:35:05 GMT 2003
On Saturday 06 December 2003 08:55, Martin Konold wrote:
> > Parts of the unlocked wallet can be found in the swap partition, unless
> > you use encrypted swap (which is unfortunately not very popular yet).
>
> encrypted swap is not really required.
>
> Please check
>
> man 2 mlock
Don't you remember our conversation at Nove Hrady? Eventually the password
has to go to a non-mlocked region, and actually goes over DCOP, and often the
lan, so what's the point? It only protects a very small number of cases for
kwallet, really. The better solution is a complete trusted system. Oops I
didn't say that.
--
George Staikos
KDE Developer http://www.kde.org/
Staikos Computing Services Inc. http://www.staikos.net/
More information about the kde-core-devel
mailing list