KDE Wallet Manager: Once a wallet is open an application has access to all passwords there?
Martin Sandsmark
martin.sandsmark at kde.org
Thu Dec 26 18:02:53 UTC 2013
On Thu, Dec 26, 2013 at 12:45:21AM +0100, Jonathan Verner wrote:
> Yes, of course, ... This too can be protected against, especially in the
> scenario where the exploited application is sandboxed
> (e.g. explicitly via apparmor profiles, selinux scrubs LD_PRELOAD & friends
> when transitioning between domains by default, ...).
It would seem obvious that the sandboxing would prevent it from connecting to
dbus as well in that case. I really don't see what you're trying to achieve.
> Sure... Why do we bother with encrypting the passwords at all, then? We might
> as well store them in a world-readable plaintext file named passwords.txt,
I don't know, but I assume it is because of the case of losing your laptop,
and not encrypting your home partition.
> and, for good measure, expose them to anyone who asks on port 80.
Now you're just being obtuse.
--
Martin Sandsmark
More information about the Kde-utils-devel
mailing list