[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kmail-devel
Subject:    Re: Saving of passwords (Was: Security status)
From:       George Staikos <staikos () 0wned ! org>
Date:       2000-02-07 14:09:59
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 07 Feb 2000, Andreas Gungl wrote:

> > Maybe we should suggest to have a directory
> > ~/.kde/secure  ?

[..]

> Actually I don't have a better solution. I'ld prefer a special file and
> a hint for all users on top of the documentation, better not to store
> the password on disk.

  it seems like this whole idea is going towards the idea of having a
password registry on the system.  These things always seem to have problems. 
They're not particularily safe unless you have a passphrase to decrypt the
encrypted passwords, which as we all know kind of defeats the purpose.  As
well, if we're going to do this, we might as well do it with PAM or some
other external authentication system which is generic.  We dont' want to keep
reinventing the wheel. 

- -- 

George Staikos 


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2

iQEVAwUBOJ7TQ/aardfOEhQRAQFgugf/V0jaDbgBU6IsAlKRbhkCblkY12SwqxDn
stXaL0/LTR6cGMkg9hrS/snRpXJgIn2n1Zkr6lt4REH1SSLbxrZeQ4Pg51Gj7OQM
tN4LaGCRd8wgYQp5Mn+ijsgddjYtsiiz6qWyF20oPR55xg/gE1/V5kNHIJVyPr03
fA9bco1/QaklTf1w2K0SnSI0dhwlwV2YfOQGrGEqJFw0l9nPi0SW8T/2Ix7d4zke
cduHSHYu7Im5N7KQpRutF6Zh3ZEjkjgcDsG3PNS0lZ8Z4Z3ZTJUzTVMWe35aoHYl
WzOJUjZap+/k91Yg4w+6hiIdEcBhCY68+SzNekbqYfs9MJSbZeSzgg==
=AhkQ
-----END PGP SIGNATURE-----

[prev in list] [next in list] [prev in thread] [next in thread]