Le samedi 21 juillet 2012 10:40:17 Volker Krause a =E9crit :

> When looking at KWallet security and usability, there's another aspect th=
at
> came up in discussions during Akademy: The "Do you want to allow applicat=
ion
> foo access your wallet?" dialog. It might give the impression that only
> certain "trusted" applications can access the wallet, which is totally
> misleading. The application name can trivially be faked, and the
> "allow/deny always" decision is simply stored in a plain text config file.
> =

> I assume the intention of this was rather to give users the choice to not
> store data of well-known/well-behaving applications in the wallet (maybe =
due
> to security concerns). Kinda makes sense, but might be better solvable by=
 a
> corresponding option on the application level (like web browsers do for
> example, and I think most Akonadi agents as well), instead of bothering me
> with yet another dialog when first using KWallet. This also avoids the
> false sense of security.

Killing this dialog would be good indeed. It always gets in the way of new =

users and does not bring much.

Aur=E9lien
_______________________________________________
KDE-Telepathy mailing list
KDE-Telepathy@kde.org
https://mail.kde.org/mailman/listinfo/kde-telepathy