KPasswordEdit patch (was Re: new widgets...)
neil at qualityassistant.com
Fri Sep 27 09:50:40 BST 2002
-----BEGIN PGP SIGNED MESSAGE-----
On Friday September 27, 2002 01:42, David Faure wrote:
> On Friday 27 September 2002 10:17, Neil Stevens wrote:
> > On Friday September 27, 2002 01:05, Simon Hausmann wrote:
> > > It is not more secure at all because the mlock()/munlock() calls
> > > will fail if the processes is not running with root privileges.
> > > Citing Waldo: Sorry, security is not optional :)
> > Well, it's free software. Anyone who wants it optional is going to
> > make it optional. The only question is, are people going to be able
> > to have flexible security models within KDE, or will they have to fork
> > KDE to do so?
> Oh come on. It makes no sense to include code that only works if you
> run a KDE application as root - we've always discouraged doing so
> (to the point that suidroot kde apps are forbidden by kapplication
Grr.. that's not what I meant to convey. I agree the mlock is worthless.
I think the const char * is just as worthless.
I'm talking about making optional the use of a clunky, inconvenient const
char *, when a QString is no less safe for nearly all of KDE's users.
Neil Stevens - neil at qualityassistant.com
"I always cheer up immensely if an attack is particularly wounding
because I think, well, if they attack one personally, it means they
have not a single political argument left." - Margaret Thatcher
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
More information about the kde-core-devel