Fwd: KWallet weaknesses (was: [PATCH] Make pinentry-qt read and store passphrases in KDE 3.2's wallet)

George Staikos staikos at kde.org
Sat Dec 6 19:35:05 GMT 2003

On Saturday 06 December 2003 08:55, Martin Konold wrote:
> > Parts of the unlocked wallet can be found in the swap partition, unless
> > you use encrypted swap (which is unfortunately not very popular yet).
> encrypted swap is not really required.
> Please check
> 	man 2 mlock

  Don't you remember our conversation at Nove Hrady?  Eventually the password 
has to go to a non-mlocked region, and actually goes over DCOP, and often the 
lan, so what's the point?  It only protects a very small number of cases for 
kwallet, really.  The better solution is a complete trusted system.  Oops I 
didn't say that.

George Staikos
KDE Developer				http://www.kde.org/
Staikos Computing Services Inc.		http://www.staikos.net/

More information about the kde-core-devel mailing list