[Kde-pim] RFC: Moving KWallet Password dialog into Plasma
Aurélien Gâteau
aurelien.gateau at free.fr
Tue Jul 24 13:23:22 BST 2012
Le samedi 21 juillet 2012 10:40:17 Volker Krause a écrit :
> When looking at KWallet security and usability, there's another aspect that
> came up in discussions during Akademy: The "Do you want to allow application
> foo access your wallet?" dialog. It might give the impression that only
> certain "trusted" applications can access the wallet, which is totally
> misleading. The application name can trivially be faked, and the
> "allow/deny always" decision is simply stored in a plain text config file.
>
> I assume the intention of this was rather to give users the choice to not
> store data of well-known/well-behaving applications in the wallet (maybe due
> to security concerns). Kinda makes sense, but might be better solvable by a
> corresponding option on the application level (like web browsers do for
> example, and I think most Akonadi agents as well), instead of bothering me
> with yet another dialog when first using KWallet. This also avoids the
> false sense of security.
Killing this dialog would be good indeed. It always gets in the way of new
users and does not bring much.
Aurélien
_______________________________________________
KDE PIM mailing list kde-pim at kde.org
https://mail.kde.org/mailman/listinfo/kde-pim
KDE PIM home page at http://pim.kde.org/
More information about the kde-pim
mailing list