[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: KWallet + PAM
From:       Michael Leupold <lemma () confuego ! org>
Date:       2009-05-23 22:39:33
Message-ID: gv9tv5$773$1 () ger ! gmane ! org
[Download RAW message or body]

Pierre wrote:
> On Wednesday 29 April 2009 18:58:40 Herbert Graeber wrote:
>> Am Mittwoch 29 April 2009 03:47:46 schrieb John Tapsell:
>> >   Has any progress been made on the pam+kwallet front?  There seem to
>> > be patches floating about (e.g.
>> > http://kubuntuforums.net/forums/index.php?topic=3091705.0 )  but I'm
>> > guessing that they haven't been integrated into our svn ?
>>
>> For KDE there has been a openSUSE package named pam_kwallet for this. It
>> depends on a patch to the kwallet daemon, to open a wallet with a
>> password given a parameter via dcop (function tryOpen). It would be easy
>> to port pam_kwallet to KDE when a similar patch has been made for KDE4's
>> kwallet daemon.
>
> If you're interested, I've got a port of this to KDE4 available on my hard
> drive...
> It does add a DBus tryOpen call in kwalletd. I ported the "kwalletclient"
> from pam_kwallet to use dbus too. I only have to try it, but I'm too lazy
> to do it right now (and I'll be AFK for one day or two..)
> I'll send the patches in a few days.

Could you please post it to the list? As many users are asking for it we 
might as well put it into 4.4. I guess marking it as "PAM module only" and 
not exposing it in our API should be enough to make it clear that this isn't 
supposed to be used in regular programs. Of course it should be documented 
that sending the (hashed?) password over D-Bus is inherently less secure 
than entering it manually.

Regards,
Michael


 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]