[prev in list] [next in list] [prev in thread] [next in thread]
List: kmail-devel
Subject: Re: [SECURITY] Kpgp issue.
From: Ingo =?iso-8859-1?q?Kl=F6cker?= <ingo.kloecker () epost ! de>
Date: 2001-06-12 22:26:08
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday, 12. June 2001 22:33, Marc Mutz wrote:
> OK, since nobody responded to this by now, I will sync up what I have
> for QT_NO_ fixes and then start looking into making KPgp sane.
If Michael Haeckel, Daniel Naber and myself count as nobody then your
statement that "nobody responded to this by now" is right. ;-)
> I have a few unix-programming questions, though:
>
> Ideally, one would lock the pages that contain the passphrase into
> memory. IIRC, this is only possible if you have root previleges,
> right?
AFAIK this is right.
> Not locking the pages doesn't hurt _that_ much when we don't keep the
> password around for longer than absolutely necessary.
Actually I wrote something similar in my respond to your message.
> But the option to cache the password is quite desireable from a user
> POV.
Exactly.
> Can kdesud be used to store the passphrase until needed again? I
> reckon that kdesud runs with uid 0 and locks it's pages into memory,
> right? Before I need to dig into low-level Unix programming (having a
> small suid-root program that shares pages with non-uid 0 programs on
> request and locks them for the program or so..), I'd like to evaluate
> this possiblility.
AFAIK caching passwords is one of the purposes of kdesud. But of course
I could be wrong.
Regards,
Ingo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE7JpcAGnR+RTDgudgRAt06AJ4sy0OOPOdzxO8x2+5u66J/UogQFwCgwFkW
/LJ53+gWRJskxKxv6rAr+WA=
=1Crm
-----END PGP SIGNATURE-----
_______________________________________________
Kmail Developers mailing list
Kmail@master.kde.org
http://master.kde.org/mailman/listinfo/kmail
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic