KWallet integration
Tim Jansen
tim at tjansen.de
Mon Sep 1 22:29:28 BST 2003
On Monday 01 September 2003 23:03, Duncan Mac-Vicar Prett wrote:
> I don't know how this works under the scenes but I think the message could
> be changed to something more descriptive and less "panic" like
> "Kopete needs to retrieve a password from KDE Password Manager".
IMHO this should be turned off completely by default. It does not add any
additional security. If Kopete is malicious or the user has any other virus/
trojan horse running it will not help anyway, there are thousands of ways to
get the passwords and the only thing that may prevent the attacker from doing
this is the password encryption of the wallet.
If the user has a password for the wallet, just ask for it and say that kopete
requested it. If there is no password or the user already entered it, there
should be no feedback at all. The idea of KWallet should be to make the user's
live easier, not to display dialogs that people will stop reading after a
while anyway.
bye...
More information about the kde-core-devel
mailing list