[PATCH] Kwallet optional owner based access control

Beaudoin Gael gaboo at gaboo.org
Thu Apr 10 08:42:46 BST 2008


Le Wednesday 09 April 2008 22:57:06 Jonathan Verner, vous avez écrit :
> Hello,
>
> I store some quite sensitive data in my wallet (banking account
> passwords, creditcard numbers & c.) and I do not feel comfortable
> with allowing every application which has access to the wallet to
> read them. (E.g. kopete stores its passwords in there so it has to
> have access to the wallet, but if it is compromised by a hacker, it
> could get at the more sensitive banking passwords which would not
> be good). So I thought it might be useful to only allow access to
> the wallet folders to applications which actually created those
> folders. The attached patch tries to implement this (although I am
> not completely sure how the appid thing works and if it is
> spoof-safe). It defaults to the old behaviour and only limits the
> access if it is turned on in the configuration.
>
> Since I do not have a complete build environment I could not test
> the patch (not if it compiles nor if it actually works). However,
> if the patch has some chance to be accepted, I will try to set
> it up, so that I can test it.
>
> The patch applies to the following files:
>
> /trunk/KDE/kdelibs/kio/misc/kwalletd/kwalletd.cpp
> /trunk/KDE/kdelibs/kio/misc/kwalletd/kwalletd.h
>
> Regards :-)
>
> Jonathan Verner

I also use kwallet like you. I just created another wallet, with a different 
password.

Gaël




More information about the kde-core-devel mailing list