KDE Wallet Manager: Once a wallet is open an application has access to all passwords there?

Martin Sandsmark martin.sandsmark at kde.org
Thu Dec 26 18:02:53 UTC 2013


On Thu, Dec 26, 2013 at 12:45:21AM +0100, Jonathan Verner wrote:
> Yes, of course, ... This too can be protected against, especially in the 
> scenario where the exploited application is sandboxed  
> (e.g. explicitly via apparmor profiles, selinux scrubs LD_PRELOAD & friends 
> when transitioning between domains by default, ...).

It would seem obvious that the sandboxing would prevent it from connecting to
dbus as well in that case. I really don't see what you're trying to achieve.


> Sure... Why do we bother with encrypting the passwords at all, then? We might
> as well store them in a world-readable plaintext file named passwords.txt, 

I don't know, but I assume it is because of the case of losing your laptop,
and not encrypting your home partition.


> and, for good measure, expose them to anyone who asks on port 80.

Now you're just being obtuse.

-- 
Martin Sandsmark

