Re: Current network-password-saving feature needs improvement.



Not every distribution has or wants to use PAM.

-Sam

On 19 Jul 2002, George Farris wrote:

> This just seems wrong to me.  I'm imagining the user having to enter a
> pass phrase every time he/she uses Mozilla/Galeon/SMB etc, etc.  It
> seems the way pam_mount does things would work better.  Enter the
> password once and you're done.  Using PAM would tend to also work with
> other authentication schemes such as LDAP, card scanning etc.
>
> Maybe I don't really understand the issue but thats my two cents worth.
>
>
> On Fri, 2002-07-19 at 06:43, Julien MOUTTE wrote:
> >
> > Howdy,
> >
> > First i would like to highlight the two different approaches that we can have about this subject... :
> >
> > - Hiding this parameters for security matters which would mean that there would be no way to reveal this information without having the necessary informations for that (encryption key)
> >
> > or
> >
> > - Hiding these parameters for privacy matters because clear text sucks and this would be just a simple hashing of values.
> >
> > In the first case we will reduce the UI conviviality by adding popups asking for secret key all the time.
> >
> > And in the second one this hashing would only be useful to protect from lamers that try to make a vi on gconf files and for remote storage of the configuration files (network will not see the clear/text infos)
> >
> > I'm not really sure about it but i think that mozilla is implementing both methods and we should maybe do the same :
> >
> > - Generate an encryption key from fixed system datas and make a hashing if user which to save his network pw in an easy way (like mozilla pass manager does i think)
> >
> > - Ask the user to enter a passphrase for encrypting these informations that he would have to enter each time his system would try to access these infos in gconf (master password in mozilla)
> >
> > - Ask the user to enter these infos each time he needs them in apps...
> >
> > For encryption, axel was suggesting using blowfish and i agree with that as this algorithm is widely used and efficient..
> >
> > Cheers,
> >
> > --
> > Julien MOUTTE - jmoutte electronic-group com
> > C.T.O.
> > _________________________________________________________
> >
> > ELECTRONIC GROUP INTERACTIVE - www.electronic-group.com
> > World Trade Center, Moll de BARCELONA
> > Edificio Norte 4 Planta
> > 08039 BARCELONA SPAIN
> > Tel : +34 93600 23 23 Fax : +34 93600 23 10
> > _________________________________________________________
> > _______________________________________________
> > desktop-devel-list mailing list
> > desktop-devel-list gnome org
> > http://mail.gnome.org/mailman/listinfo/desktop-devel-list
> --
> George Farris - VE7FRG
> George gmsys com
> _______________________________________________
> desktop-devel-list mailing list
> desktop-devel-list gnome org
> http://mail.gnome.org/mailman/listinfo/desktop-devel-list
>




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]