RFC: Moving KWallet Password dialog into Plasma
Martin Gräßlin
mgraesslin at kde.org
Fri Jul 20 19:18:15 BST 2012
On Friday 20 July 2012 19:37:00 Thomas Lübking wrote:
> no, see above. the password dialog is snake-oil. (given kwallet acts like
> this)
no it's not complete snake-oil. It does not protect against an attacker
already on the system (to my knowledge hardly anything not running as root can
be protected against an attacker with same user privs).
But it still nicely protects:
* the passwords stored on disk, so you don't get the passwords on a not
powered-on system
* usecases like having your child use your PC but not having it reading your
mails on gmail (just close the wallet)
So IMHO the passwords are safe except for the case that the system is already
compromised.
Cheers
Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20120720/97a62275/attachment.sig>
More information about the kde-core-devel
mailing list