[PATCH] Kwallet optional owner based access control
Jonathan Verner
jonathan.verner at matfyz.cz
Wed Apr 9 21:57:06 BST 2008
Hello,
I store some quite sensitive data in my wallet (banking account
passwords, creditcard numbers & c.) and I do not feel comfortable
with allowing every application which has access to the wallet to
read them. (E.g. kopete stores its passwords in there so it has to
have access to the wallet, but if it is compromised by a hacker, it
could get at the more sensitive banking passwords which would not
be good). So I thought it might be useful to only allow access to
the wallet folders to applications which actually created those
folders. The attached patch tries to implement this (although I am
not completely sure how the appid thing works and if it is
spoof-safe). It defaults to the old behaviour and only limits the
access if it is turned on in the configuration.
Since I do not have a complete build environment I could not test
the patch (not if it compiles nor if it actually works). However,
if the patch has some chance to be accepted, I will try to set
it up, so that I can test it.
The patch applies to the following files:
/trunk/KDE/kdelibs/kio/misc/kwalletd/kwalletd.cpp
/trunk/KDE/kdelibs/kio/misc/kwalletd/kwalletd.h
Regards :-)
Jonathan Verner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: owner-based-access-control.diff
Type: text/x-diff
Size: 8793 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20080409/87476dc5/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20080409/87476dc5/attachment.sig>
More information about the kde-core-devel
mailing list