Re: gnome-keyring Why does -ask ship a copy of GtkEntry ?
- From: "Matthias Clasen" <matthias clasen gmail com>
- To: stef memberwebs com
- Cc: gnome-keyring-list gnome org
- Subject: Re: gnome-keyring Why does -ask ship a copy of GtkEntry ?
- Date: Fri, 9 Jan 2009 00:32:35 -0500
On Thu, Jan 8, 2009 at 11:55 PM, Stef <stef-list memberwebs com> wrote:
> gnome-keyring and seahorse go to great lengths to make sure passwords
> always reside in nonpageable locked memory. There are special memory
> allocation functions for this 
Hmm, I doubt this adds any real security advantages. After all, you
are still loading modules like theme engines, etc, which can easily
steal the content of your non-pageable memory. And you are using
regular X, allowing anybody to sniff the key events that are used to
fill your 'secure' entry.
However, if allowing the use of a static buffer is what it takes to
make you use GtkEntry, I'd be happy to review your patch...
] [Thread Prev