Fwd: KWallet weaknesses (was: [PATCH] Make pinentry-qt read and store passphrases in KDE 3.2's wallet)

Martin Konold martin.konold at erfrakon.de
Sat Dec 6 15:20:34 GMT 2003

Am Saturday 06 December 2003 03:26 pm schrieb Dirk Mueller:


> it is the easiest solution since you really don't want to have a suid-root
> kwalletd.

Why not? If the suid-root is only used for an initial mlockall and immediately 
afterwards the priviledges ere dropped it is imho totally save and fine.

Suid-root is not bad security wise in every usage case.

-- martin

Dipl.-Phys. Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Nobelstrasse 15, 70569 Stuttgart, Germany
fon: 0711 67400963, fax: 0711 67400959
email: martin.konold at erfrakon.de

More information about the kde-core-devel mailing list