new widgets...
Alexander Kellett
lypanov at kde.org
Thu Sep 26 14:32:33 BST 2002
On Thu, Sep 26, 2002 at 09:19:00AM -0400, Pupeno wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thursday 26 September 2002 05:23, Thomas Zander wrote:
> > > - KPasswordEdit: the api of this widget is rather poor returning a const
> > > char* of the typed password (should it be a QString or something like
> > > that ?) and there's not setPassword function.
> >
> > Returning a pointer to the string as typed by the user is the only way to
> > make sure minimal copying and therefor maximum security can be reached.
> > Please don't change that.
> I imagined that the use of a char was for security reasons... but, what would
> happen with passwords containing unicode chars ?
> Is still a setPassword(const char*?) method a bad idea ?
anyways, if we are so security concious why don't we also do a mlock?
Alex (who's just starting reading too many man pages on his system)
More information about the kde-core-devel
mailing list