On Wednesday 12 November 2003 16:32, Aaron Seigo wrote:
> On Wednesday 12 November 2003 13:54, George Staikos wrote:
> > > Let me just add my hearty AMEN to this.  I also am using wallet for
> > > this specific purpose.  I am the only person who uses this computer (or
> > > even has access to it) so I'm not THAT worried about security.
> >
> >   You may not be,
>
> that's right, he isn't. and yet you still hold that you/KDE know better and
> therefore have a right to control his machine andh is use of his machine.
> who controls the machine, exactly? the user or KDE/George Staikos?

   I know from experience.  Not only does the compromise of his passwords 
cause harm to him, but it causes harm to others.  I have a right to run an 
open relay and sendmail 8.6.9, but I'll spread spam and worms like there's no 
tomorrow.  Therefore Linux distributions do not ship sendmail 8.6.9 or open 
relays.  You can change it as you please.  It's free software, as you point 
out below.

> what's the "free" in Free Software mean again? ;-)

  It means he gets the source and he can change it if he likes.

> > but you should be,
>
> he just stated why he doesn't need to be. we may think otherwise, but user
> trumps all. period.

   You might be surprised to know who's been 0wned lately.  If KWallet used 
the login password, all this person's passwords would be compromised too.

> > and many others are.
>
> this isn't about the default settings, which MUST indeed be secure (i have
> no beef with KWallet there =); this is about optional settings that the
> user should have access to.

  Ok this is what I said, and I have absolutely no intentions of implementing 
this option.  It's free software, someone else can do it.  I will however 
ensure that it does not compromise security for everyone else.

-- 
George Staikos
KDE Developer				http://www.kde.org/
Staikos Computing Services Inc.		http://www.staikos.net/

 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<