Re: [patch] first pass at gnome-keyring support, baby.

From: Peter Jones <pjones redhat com>
To: Bill Peck <bpeck redhat com>
Cc: networkmanager-list gnome org
Subject: Re: [patch] first pass at gnome-keyring support, baby.
Date: Thu, 23 Jun 2005 11:20:02 -0400

On Thu, 2005-06-23 at 10:33 -0400, Bill Peck wrote:

> Is there a technical reason why the keyring can't be unlocked by the
> login? (Obviously the passwords would have to be the same) I know I'm
> thinking in fairy land where we might have single sign on one day.. but
> I can dream can't I?

Well, even if you do have that, you still would have to unlock it later
in the case of gdm's auto-login and other such features.

Also, although it terribly pertinent in the NM case, the keyring
passphrase is almost always a matter of local, per-machine
configuration, whereas the user's password is often a function of the
network, via NIS or LDAP.  So in general even though they're often the
same string of characters, they're really not the same password.

One might argue for somehow having pam try to unlock it with the
password if user provides one to log in.  That's both technically
tricky, because most gnome isn't generally running by the time you're
completely done with pam, but also it means that the user might have
their keyring unlocked without realizing it, which isn't such a great
situation.

-- 
        Peter

References:
- [patch] first pass at gnome-keyring support, baby.
  - From: Robert Love
- Re: [patch] first pass at gnome-keyring support, baby.
  - From: Colin Walters
- Re: [patch] first pass at gnome-keyring support, baby.
  - From: David Zeuthen
- Re: [patch] first pass at gnome-keyring support, baby.
  - From: Robert Love
- Re: [patch] first pass at gnome-keyring support, baby.
  - From: Dan Williams
- Re: [patch] first pass at gnome-keyring support, baby.
  - From: Bill Peck

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]