Tidying up password storage in Amarok
Andrzej J. R. Hunt
andrzej at ahunt.org
Wed Apr 11 20:21:25 UTC 2012
On 10/04/12 20:16, Matěj Laitl wrote:
> On 10. 4. 2012 Stefan Derkits wrote:
>>> Hmm, I may want to allow storing last.fm password in plain-text
>>> while disabling to store MySQL pass in plain-text. The confirmation
>>> should be probably per-plugin then.
>> that sounds a little bit not so user-friendly (having to confirm
>> secure storage for every plugin).
>> I would suggest to always take the most secure storage available,
>> without any config options or per plugin options.
>> If I have a secure password store like KWallet why would I want to
>> save any password in plain text?
> I didn't express myself correctly, for sure KWallet should be used by default
> without asking. I wanted to say that if KWallet isn't available, I may want to
> be asked for each password separately to store it in plain-text or not at all.
> (because some of them may be more valuable)
I've just been looking at the way all the plugins use their passwords.
It seems a redesign would be needed to allow password entry manually:
currently the plugins stay disabled until a password is stored; once one
is stored, they use it every startup to authenticate with their
service. If you want to be able to have the user asked for login details
every startup, you would need to change the plugins to repeatedly ask for
passwords until they can log in (e.g. in case there is a typo in the
password etc.), rather than just having them ask for a password once
(since they assume the passwords are stored correctly), and then fail
silently when the password doesn't work (this at least is the case for
LastFM).
Therefore I think it's probably better to work on the assumption that
all passwords are stored on disk -- I wouldn't think it too unreasonable
to expect those, who want a specific password not to be in plaintext, to
go to the bother of setting up KWallet (or whatever other backends are
added) correctly?
Incidentally, the MySQL configuration interface is implemented using
KConfigXT (an XML file which is translated to C++, which then writes to
plaintext, if I've understood it correctly), i.e. the settings aren't
stored in KWallet. I'll look into whether that can be changed when I'm
migrating the plugins to use PasswordManager.
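The policy the thread converges on (always use the secure backend when it is available; if only plain-text storage is available, ask per credential whether it may be written at all) can be sketched as a small backend-selection layer. The following is an added example written for this page and is not Amarok's PasswordManager, KWallet or KConfigXT code: `SecureStore` is an in-memory stand-in for a wallet whose availability is simulated, `PlaintextStore` is a JSON file created with owner-only permissions, and the credential names and passwords are constructed.

```python
"""Added example (not Amarok code): prefer a secure backend, and fall back to
plain-text storage only with per-credential consent."""
import json
import os
import tempfile
from typing import Callable, Dict, List, Optional


class SecureStore:
    """Stand-in for a KWallet-like backend; availability is simulated."""
    name = "secure"

    def __init__(self, available: bool = True) -> None:
        self._available = available
        self._secrets: Dict[str, str] = {}

    def is_available(self) -> bool:
        return self._available

    def store(self, key: str, secret: str) -> None:
        self._secrets[key] = secret

    def load(self, key: str) -> Optional[str]:
        return self._secrets.get(key)


class PlaintextStore:
    """Fallback backend: a JSON file created with mode 0600 (owner-only)."""
    name = "plaintext"

    def __init__(self, path: str) -> None:
        self._path = path

    def is_available(self) -> bool:
        return True  # a writable config file is assumed to always exist

    def read_all(self) -> Dict[str, str]:
        if not os.path.exists(self._path):
            return {}
        with open(self._path, "r", encoding="utf-8") as fh:
            return json.load(fh)

    def store(self, key: str, secret: str) -> None:
        data = self.read_all()
        data[key] = secret
        fd = os.open(self._path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            json.dump(data, fh)

    def load(self, key: str) -> Optional[str]:
        return self.read_all().get(key)


class PasswordManager:
    """Uses the first available backend; plain text needs per-key consent."""

    def __init__(self, backends: List, confirm_plaintext: Callable[[str], bool]) -> None:
        self._backends = backends
        self._confirm_plaintext = confirm_plaintext

    def store(self, key: str, secret: str) -> Optional[str]:
        """Return the name of the backend used, or None if storage was declined."""
        for backend in self._backends:
            if not backend.is_available():
                continue
            if backend.name == "plaintext" and not self._confirm_plaintext(key):
                return None  # the user chose "not at all" for this credential
            backend.store(key, secret)
            return backend.name
        return None

    def load(self, key: str) -> Optional[str]:
        for backend in self._backends:
            if backend.is_available():
                secret = backend.load(key)
                if secret is not None:
                    return secret
        return None


def demo(secure_available: bool) -> Dict[str, object]:
    """Run the scenario from the thread with constructed credentials."""
    plain = PlaintextStore(os.path.join(tempfile.mkdtemp(), "passwords.json"))

    def consent(key: str) -> bool:
        # Per-credential policy: plain text is acceptable for last.fm only.
        return key == "lastfm"

    pm = PasswordManager([SecureStore(secure_available), plain], consent)
    return {
        "lastfm_backend": pm.store("lastfm", "constructed-lastfm-pass"),
        "mysql_backend": pm.store("mysql", "constructed-mysql-pass"),
        "lastfm_loaded": pm.load("lastfm"),
        "mysql_loaded": pm.load("mysql"),
        "mysql_on_disk": "mysql" in plain.read_all(),
    }


if __name__ == "__main__":
    print(demo(secure_available=True))
    print(demo(secure_available=False))
```

With the secure backend available, both credentials land there and nothing reaches the plain-text file; with it unavailable, the last.fm password is written in plain text (with owner-only permissions) while the MySQL password is neither stored nor loadable, which is the "ask for each password separately to store it in plain-text or not at all" behaviour described above.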