KPasswordEdit patch (was Re: new widgets...)

Simon Hausmann hausmann at kde.org
Fri Sep 27 09:05:29 BST 2002


On Thu, Sep 26, 2002 at 10:31:36AM -0400, Pupeno wrote:
Content-Description: clearsigned data
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Thursday 26 September 2002 09:32, Alexander Kellett wrote:
> > > On Thursday 26 September 2002 05:23, Thomas Zander wrote:
> > > > > - KPasswordEdit: the api of this widget is rather poor returning a
> > > > > const char* of the typed password (should it be a QString or
> > > > > something like that ?) and there's not setPassword function.
> > > >
> > > > Returning a pointer to the string as typed by the user is the only way
> > > > to make sure minimal copying and therefor maximum security can be
> > > > reached. Please don't change that.
> > >
> > > I imagined that the use of a char was for security reasons... but, what
> > > would happen with passwords containing unicode chars ?
> > > Is still a setPassword(const char*?) method a bad idea ?
> >
> > anyways, if we are so security concious why don't we also do a mlock?
> >
> > Alex (who's just starting reading too many man pages on his system)
> Here's a patch that adds a setPassword() function to KPasswordEdit and also 
> uses mlock to keep the password secure im memory as Alexander 'sugested'.
> If you see any bug there, please tell me.

It is not more secure at all because the mlock()/munlock() calls
will fail if the processes is not running with root privileges.
Citing Waldo: Sorry, security is not optional :)

Simon




More information about the kde-core-devel mailing list