KWallet integration - from the developer

Ingo Klöcker kloecker at kde.org
Thu Sep 4 22:10:24 BST 2003


First of all, I don't really understand what everybody complains about. 
Why don't you make constructive proposals instead of bitching around 
and telling everyone that nobody ever locks his screen just because you 
do such a stupid thing. I guess you know that kwallet isn't the only 
program that caches passwords. For example gpg-agent caches your GnuPG 
passphrase. That means that in case you use gpg-agent anyone can send 
signed messages from your account if you don't lock your screen (unless 
you've set the default-cache-ttl [in ~/.gnupg/gpg-agent.conf] to a 
ridiculously low value in order to prevent this). And all that talk 
about root access is BS: You'll have to admit that stealing the GnuPG 
passphrase (or any other data) by sniffing the keyboard or installing a 
trojan is significantly more criminal than abusing a not-locked session 
by sending a signed message as a (bad) joke.

On Thursday 04 September 2003 14:52, George Staikos wrote:
>    Seriously, I don't want to have a "final word" here.  However I
> don't have time to deal with speculation and unfounded criticism.  If
> anyone wanted to do that, they missed their chance while I was at
> Nove Hrady.  I was there for days after the paper was published and
> the talk was presented, and even after most of the code was in CVS. 
> I am now extremely busy catching up after Nove Hrady so here is my
> policy regarding KWallet:
>
>    2) If you have a substantial improvement idea for the design or
> the implementation, first check kdeutils/kwallet/TODO, then email me,
> preferably with a patch, at least with the idea.

kcmshell_kwallet doesn't start (ERROR: Module kwallet not found!) so I 
currently can't check whether there is such an option. But obviously 
those people who make the most noise in this thread need an option 
which locks the wallet again immediately after an application has 
received the data it wanted to have. This way kwallet is still very 
useful because it protects all sensitive data with a single password 
while OTOH it never reveals any sensitive data without being unlocked 
just for this piece of data. So even if you don't lock your screen 
nobody can buy dildos with your credit card.
IIRC it's already possible to define a timeout for re-locking the 
wallet. So all those 
I-don't-lock-my-screen-because-anyway-anybody-has-root-access people 
should simply set the timeout to 10 seconds and be happy with it.

>     4) If you have UI and usability complaints, do not send them my
> way unless you are prepared to back them up with comparisons against
> other such systems. Have a look at Apple's system, passport, or some
> other similar system.  The only big difference we have at this point
> is that we don't reuse the system login password for the wallet
> password.  I think you can agree with me that this is a bad idea for
> us to emulate.

Yes, I fully agree with this. But "kwallet is better than similar 
systems" doesn't imply that kwallet is good. It just implies that 
kwallet sucks less. Don't get me wrong. I don't think that kwallet 
sucks. But I will have to play some more with it until I can decide 
whether it's actually good.

Regards,
Ingo