KPasswordEdit and security

Aaron J. Seigo aseigo at kde.org
Wed Dec 27 21:17:58 GMT 2006


On Wednesday 27 December 2006 14:03, Richard Moore wrote:
> If we were to attempt something like this, we might be able to make a
> valgrind skin or something that tracked where the password got copied
> to in order to allow us to detect places that need fixing.

e.g. over the message bus when it gets stored/retreived via kwallet?

imho, a better solution is to have an encrypted swap partition and not allow 
access to the user's environment during usage to another person. in other 
words, nothing much kde related. and then we can get rid of kpasswordedit 
altogether and just use klineedit as an extra bonus.

-- 
Aaron J. Seigo
humru othro a kohnu se
GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA  EE75 D6B7 2EB1 A7F1 DB43

Full time KDE developer sponsored by Trolltech (http://www.trolltech.com)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20061227/9961f6c7/attachment.sig>


More information about the kde-core-devel mailing list