[Patch/Fix] libsecret configure option



Hi all,

the configure option

<snip>
  --with-libsecret        Link to libsecret instead of gnome-keyring
                          (default=no)
</snip>

is actually *wrong*, as gnome-keyring has been deprecated.  Thus, if a user follows this comment only (the 
README is actually correct), the resulting binary will store obfuscated passwords in ~/.balsa/config-private 
which is typically a questionable (at best) idea.

I suggest
- to make using libsecret the default and
- print a warning if the user explicitly wants to disable it.

The attached patch (untested for Meson) fixes the confusion.

We might also want to ensure that the password (or all passwords) is erased from config-private (see the 
comment in libbalsa/server.c, line 359ff.) when accessing libsecret was successful.

Opinions?

Best,
Albrecht.

Attachment: fix-libsecret-option.txt
Description: Text document

Attachment: pgpsf84US0Ct7.pgp
Description: PGP signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]