Re: Current network-password-saving feature needs improvement.
- From: Havoc Pennington <hp redhat com>
- To: ERDI Gergo <cactus cactus rulez org>
- Cc: GNOME Desktop Devel <desktop-devel-list gnome org>
- Subject: Re: Current network-password-saving feature needs improvement.
- Date: 01 Aug 2002 17:33:43 -0400
ERDI Gergo <cactus cactus rulez org> writes:
>
> While reading the Sun security report (which is great to have, btw), I had
> this idea of a low-tech, localized (i.e. it doesn't require rewriting code
> in lots of places) solution, which is to modify GConf to support
> memory-only keys. That is, a special schema flag would make GConf not save
> a key's value to disk. So when you use the first app that wants your HTTP
> proxy password (or any other password), you type it in, the app sets the
> GConf key, and gconfd remembers it so other apps can access it -- but only
> until you log out.
>
> Does this make any sense?
>
I'd like to see something much simpler and more possible to audit than
that for passwords.
Havoc
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]