Fwd: KWallet weaknesses (was: [PATCH] Make pinentry-qt read and store passphrases in KDE 3.2's wallet)

[Martijn Klingens]

On Saturday 06 December 2003 14:55, Martin Konold wrote:
> encrypted swap is not really required.
>
> Please check
>
> 	man 2 mlock

It requires KWallet's kded module to run suid root though, or to have a system 
capable of ACLs and granting the mlock right to the module.

Also, I'm not sure KWallet tries to minimize data copying. After all the 
public API works with QMaps and QStrings and those do a lot of things, but 
not avoiding the copying of memory. They also don't mlock, so an mlock on the 
main data block wouldn't help a lot.

-- 
Martijn