[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: new widgets...
From: Alexander Kellett <lypanov () kde ! org>
Date: 2002-09-26 13:32:33
[Download RAW message or body]
On Thu, Sep 26, 2002 at 09:19:00AM -0400, Pupeno wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thursday 26 September 2002 05:23, Thomas Zander wrote:
> > > - KPasswordEdit: the api of this widget is rather poor returning a const
> > > char* of the typed password (should it be a QString or something like
> > > that ?) and there's not setPassword function.
> >
> > Returning a pointer to the string as typed by the user is the only way to
> > make sure minimal copying and therefor maximum security can be reached.
> > Please don't change that.
> I imagined that the use of a char was for security reasons... but, what would
> happen with passwords containing unicode chars ?
> Is still a setPassword(const char*?) method a bad idea ?
anyways, if we are so security concious why don't we also do a mlock?
Alex (who's just starting reading too many man pages on his system)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic