[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kmail-devel
Subject:    Re: Saving of passwords (Was: Security status)
From:       Waldo Bastian <bastian () suse ! de>
Date:       2000-02-07 10:47:38
[Download RAW message or body]

On Mon, 07 Feb 2000, George Staikos wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> On Sun, 06 Feb 2000, Waldo Bastian wrote:
> > For practical purposes I have my ~/.kde/share/config/ directory
> > world-readable. The permission of config files is determined by the
> > umask settings, which usually results in something like
> > "-rwxr--r--". It would be good practice to store passwords in a
> > seperate file (e.g. ~/.kde/share/apps/kmail/passwords) and to make
> > sure that this file has permissions set to 0600.
>
>    Does the typical KDE user use KDE on a machine with more than one
> user anyways?  It really seems like a desktop system anyways. 

The typical KDE system used at universities and schools are all 
multi-user. 

> I know it's not really an answer, but if the typical user is running 
> KDE on a single user desktop, and typical setup is mod 700 on the 
> directory, I don't think we really have to do much more than we are 
> now.  I mean if the password being on disk is really an issue, the 
> user shouldn't be keeping it there in the first place.  

We are the ones who put it there. We can't assume that every user is a 
security expert.

> Not to mention that most of them will be using POP3 and sending their 
> password cleartext over the network anyways.  

That is no reason to create additional security weaknesses.

> Also what if the homedir is on NFS?  Then storing
> it in a separate file gets you nothing either.  

?? NFS handles file permissions perfectly fine.

> We're just adding
> more security through obscurity, really.  

Scrambling the password to make it "non-plaintext" falls in the 
category "security through obscurrity". Ensuring correct 
file-permissions on sensitive data is a sane way to build a secure 
system. 

> It's nice to have the
> password in the same file as the settings, I think.  When migrating
> to another machine (thinking about the kmobile project and app
> synchronization) this would make it simpler.

One file more or less should not be a concern. If it is, you have 
bigger problems already.

Cheers,
Waldo

[prev in list] [next in list] [prev in thread] [next in thread]