Re: Current network-password-saving feature needs improvement.

From: Julian Missig <julian jabber org>
To: GNOME Desktop Devel <desktop-devel-list gnome org>
Subject: Re: Current network-password-saving feature needs improvement.
Date: 01 Aug 2002 17:28:57 -0400

On Thu, 2002-08-01 at 17:17, Mikael Hallendal wrote:
> tor 2002-08-01 klockan 21.31 skrev ERDI Gergo:
> > Hi,
> 
> Hi!
> 
> > While reading the Sun security report (which is great to have, btw), I had
> > this idea of a low-tech, localized (i.e. it doesn't require rewriting code
> > in lots of places) solution, which is to modify GConf to support
> > memory-only keys. That is, a special schema flag would make GConf not save
> > a key's value to disk. So when you use the first app that wants your HTTP
> > proxy password (or any other password), you type it in, the app sets the
> > GConf key, and gconfd remembers it so other apps can access it -- but only
> > until you log out.
> 
> Other than GConf having the possibility to store passwords (in a
> Key/Value-sort-of-way), why should passwords be stored in GConf in the
> first place?
> 
> I think it's kinda backwards to change GConf in order to store something
> it wasn't meant for in it.
> 

If not in GConf, then where should applications store passwords if the
user wants the passwords saved? I don't think it makes sense for every
application to have to have their own little bits to encrypt the
password and store it somewhere supposedly safe.

Julian

Follow-Ups:
- Re: Current network-password-saving feature needs improvement.
  - From: Mikael Hallendal

References:
- Re: Current network-password-saving feature needs improvement.
  - From: ERDI Gergo
- Re: Current network-password-saving feature needs improvement.
  - From: Mikael Hallendal

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]