Ksshaskpass ?

Martin Gräßlin mgraesslin at kde.org
Thu Dec 11 15:43:57 GMT 2014

On Thursday 11 December 2014 08:33:48 Jeremy Whiting wrote:
> ksshaskspass has been in kdereview and has been improved since it got
> there. Is it ready to be moved to kde/workspace ?

Sorry for being late for the review. I just cloned the repo and did a quick 
look for a common problem on X11: the dialog doesn't grab keyboard input.

When a window asks for a password it should make sure that no other X client 
intercepts the input. On X11 every other client is able to get to the key 
events. Thus the dialog should:
* grab the keyboard when it gets keyboard focus (is active)
* disable entering the password if it failed to grab keyboard and print a 
useful message
* release the grab keyboard once it lost focus (e.g. user wants to switch to 
browser to check why that wants a password)

While writing that I realized that this is not at all the fault of 
ksshaskspass but rather of KPasswordDialog which should implement those 
checks. So I wouldn't say it's a blocking issue for a move, though I would 
prefer to not get new applications into kde/workspace which aren't secure 
against the key logging attacks on X11.


> On Wed, Nov 5, 2014 at 12:50 PM, David Faure <faure at kde.org> wrote:
> > [cutting down on the massive cross-posting]
> > 
> > On Monday 03 November 2014 14:13:50 Jeremy Whiting wrote:
> > > ksshaskpass has no more krazy issues and has been moved to kdereview.
> > > I think it's final resting place should be kde/workspace but I'm open
> > > to other ideas. It is usable on other platforms besides plasma, but it
> > > saves passwords in kwallet, so may make the most sense there.
> > 
> > Yep, sounds like a workspace component to me. It doesn't make sense when
> > using
> > a single KDE app in e.g. gnome, which surely has another GUI for ssh-add.
> > 
> > --
> > David Faure, faure at kde.org, http://www.davidfaure.fr
> > Working on KDE Frameworks 5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20141211/61c17b90/attachment.sig>

More information about the kde-core-devel mailing list