RFC: Moving KWallet Password dialog into Plasma

Thomas Lübking thomas.luebking at gmail.com
Fri Jul 20 19:27:36 BST 2012

Am 20.07.2012, 20:18 Uhr, schrieb Martin Gräßlin <mgraesslin at kde.org>:

> already on the system (to my knowledge hardly anything not running as  
> root can be protected against an attacker with same user privs).
You can establish secure IPC - i frankly thought that's what kwallet was  
meant to do.

> But it still nicely protects:
> * the passwords stored on disk, so you don't get the passwords on a not
> powered-on system
What is as good as decrypting the database file on login - except that i  
don't face a broken dialog for that ;-)

> * usecases like having your child use your PC but not having it reading  
> your mails on gmail (just close the wallet)
So your kid's on your account?
-> puts friendly little scrip here, waiting for kwallet being open and  
then dump the database.

That's the reason why multiuser OS exists.

> So IMHO the passwords are safe except for the case that the system is  
> already compromised.
I don't atm. *really* know how kwallet operates but on your claim the  
question is what additional security can be gained by the extra password.
This however starts to get *slight* OT and probably worth it's own  
discussion =)


More information about the kde-core-devel mailing list