<table><tr><td style="">sitter added a comment.
</td><a style="text-decoration: none; padding: 4px 8px; margin: 0 8px 8px; float: right; color: #464C5C; font-weight: bold; border-radius: 3px; background-color: #F7F7F9; background-image: linear-gradient(to bottom,#fff,#f1f0f1); display: inline-block; border: 1px solid rgba(71,87,120,.2);" href="https://phabricator.kde.org/D23384">View Revision</a></tr></table><br /><div><div><p>I haven't read everything in great detail... but...</p>
<p>Quick braindump of musing I did elsewhere: as far as credential hand-over is concerned this is likely a problem that needs a workaround for now as there is no clear cut solution that I am aware of. It may be worth talking to gnome about this and come up with an xdg standard for this.</p>
<p>The trouble is: we can't pass credentials in the URL as that'd be an exec argument and that would by default leak into /proc where the credential is then world readable. What we need is an additional system to pass credentials.</p>
<p>IMHO what likely is the smartest choice to is to have credentials stored in a running Secret Service API daemon and have clients then get the credentials out of there. Possibly with some additional ephemeral storage type (e.g. we cache credentials in kiod but store them in kwallet currently, that gives two points where we can leak secrets. if we were to move everything into the secret service we'd have a single service that needs securing). Just my opinion on the matter.</p>
<p>Until we have a cross desktop spec defining the passing of credentials I imagine we can't really let applications handle URLs for which we have/need credentials and I suspect determining if we need credentials is also a bit tricky.<br />
The opposite extreme is to always pass when X-KDE-Protocols is set and assume that the applications are actually working correctly (e.g. vlc ought to talk to kiod/KPasswdServerClient to get credentials, otherwise its declaration of X-KDE-Protocols is incorrect and you are looking at a bug in vlc. at the very least it should throw up its own auth dialog if it doesn't know what to do).</p></div></div><br /><div><strong>REPOSITORY</strong><div><div>R241 KIO</div></div></div><br /><div><strong>REVISION DETAIL</strong><div><a href="https://phabricator.kde.org/D23384">https://phabricator.kde.org/D23384</a></div></div><br /><div><strong>To: </strong>feverfew, fvogt, davidedmundson, dfaure, ngraham<br /><strong>Cc: </strong>broulik, sitter, davidedmundson, kde-frameworks-devel, ngraham, LeGast00n, GB_2, michaelh, bruns<br /></div>