KPasswordEdit patch (was Re: new widgets...)

Pupeno pupeno at
Thu Sep 26 15:31:36 BST 2002

Hash: SHA1

On Thursday 26 September 2002 09:32, Alexander Kellett wrote:
> > On Thursday 26 September 2002 05:23, Thomas Zander wrote:
> > > > - KPasswordEdit: the api of this widget is rather poor returning a
> > > > const char* of the typed password (should it be a QString or
> > > > something like that ?) and there's not setPassword function.
> > >
> > > Returning a pointer to the string as typed by the user is the only way
> > > to make sure minimal copying and therefor maximum security can be
> > > reached. Please don't change that.
> >
> > I imagined that the use of a char was for security reasons... but, what
> > would happen with passwords containing unicode chars ?
> > Is still a setPassword(const char*?) method a bad idea ?
> anyways, if we are so security concious why don't we also do a mlock?
> Alex (who's just starting reading too many man pages on his system)
Here's a patch that adds a setPassword() function to KPasswordEdit and also 
uses mlock to keep the password secure im memory as Alexander 'sugested'.
If you see any bug there, please tell me.
Can this type of things be commited now ?
Thank you.
- -- 
Pupeno: pupeno at
- ---
Help the hungry children of Argentina, 
please go to (and make it your homepage):
Version: GnuPG v1.0.7 (GNU/Linux)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: securesetpassword.patch
Type: text/x-diff
Size: 2293 bytes
Desc: not available
URL: <>

More information about the kde-core-devel mailing list