From kde-core-devel  Thu Sep 04 09:08:52 2003
From: Stephan Kulow <coolo () kde ! org>
Date: Thu, 04 Sep 2003 09:08:52 +0000
To: kde-core-devel
Subject: Re: KWallet integration
X-MARC-Message: https://marc.info/?l=kde-core-devel&m=106266676202258

On Thursday 04 September 2003 10:56, Martin Konold wrote:

> > That does not, however, mean that I want everyone to be able to use my
> > GnuPG key
> 
> Your goal is impossible to be reached!
> 
> Everyone having root access to your machine is easily capable to steal your 
> passwords/idendentity without you even noticing. The Unix/Linux security 
> model simply provides _no_ means to be save from a malicious root.

Well, sure. It's all about the right limits. There is a difference between 
a) installing trojan horses and steal your passphrase 
and
b) click in kmail/kgpg

Security is always about limits - so just because any limit can be worked
around, we don't have to lower our limits.

Greetings, Stephan

-- 
There may be no I in TEAM, but a M and an E.