From kde-core-devel Thu Dec 11 15:43:57 2014 From: Martin =?ISO-8859-1?Q?Gr=E4=DFlin?= Date: Thu, 11 Dec 2014 15:43:57 +0000 To: kde-core-devel Subject: Re: Re: Ksshaskpass ? Message-Id: <1634221.qUmITE2k0k () martin-desktop> X-MARC-Message: https://marc.info/?l=kde-core-devel&m=141831267420576 MIME-Version: 1 Content-Type: multipart/mixed; boundary="--nextPart1763670.Hluzi7IlHK" --nextPart1763670.Hluzi7IlHK Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="utf-8" On Thursday 11 December 2014 08:33:48 Jeremy Whiting wrote: > ksshaskspass has been in kdereview and has been improved since it got > there. Is it ready to be moved to kde/workspace ? Sorry for being late for the review. I just cloned the repo and did a quick look for a common problem on X11: the dialog doesn't grab keyboard input. When a window asks for a password it should make sure that no other X client intercepts the input. On X11 every other client is able to get to the key events. Thus the dialog should: * grab the keyboard when it gets keyboard focus (is active) * disable entering the password if it failed to grab keyboard and print a useful message * release the grab keyboard once it lost focus (e.g. user wants to switch to browser to check why that wants a password) While writing that I realized that this is not at all the fault of ksshaskspass but rather of KPasswordDialog which should implement those checks. So I wouldn't say it's a blocking issue for a move, though I would prefer to not get new applications into kde/workspace which aren't secure against the key logging attacks on X11. Cheers Martin > > On Wed, Nov 5, 2014 at 12:50 PM, David Faure wrote: > > [cutting down on the massive cross-posting] > > > > On Monday 03 November 2014 14:13:50 Jeremy Whiting wrote: > > > ksshaskpass has no more krazy issues and has been moved to kdereview. > > > I think it's final resting place should be kde/workspace but I'm open > > > to other ideas. It is usable on other platforms besides plasma, but it > > > saves passwords in kwallet, so may make the most sense there. > > > > Yep, sounds like a workspace component to me. It doesn't make sense when > > using > > a single KDE app in e.g. gnome, which surely has another GUI for ssh-add. > > > > -- > > David Faure, faure@kde.org, http://www.davidfaure.fr > > Working on KDE Frameworks 5 --nextPart1763670.Hluzi7IlHK Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEABECAAYFAlSJu8QACgkQqVXwidMiVrpYOwCdFFmtU4hZC1AaZvRnWLNFlsFs MiEAn0JSCAlVYGX38hsjA/2p/i4PJfmE =qlWl -----END PGP SIGNATURE----- --nextPart1763670.Hluzi7IlHK--