Hi, On 8/28/07, David Zeuthen <[EMAIL PROTECTED]> wrote: > One important thing about the gnome-keyring prompts is that they display > information the user should be able to trust / understand. Things like > that App X is trying to use the key stored by App Y. [1]
Yeah. I'm not sure these dialogs make sense, but for now I'm ignoring them and just worrying about how all apps can share the same login knowledge (you'd still have to allow/deny each app). For why I don't think they make sense, it's pretty much the same issue as https://www.redhat.com/archives/fedora-desktop-list/2007-August/msg00309.html Either you have a secure setup or you don't, dialogs are just a really annoying-to-the-user way of writing "if (TRUE)" and don't affect the security materially. A better approach, for example, would be to have selinux or signatures or something such that apps that come with the OS are automatically trusted and the dialog or other obscure procedure only arises for third-party apps. Then people don't get as used to just clicking "yes" all the time and _might_ slow down for the dialog when it really matters. But, it's a somewhat separate topic from what I was wanting to mess with right away. > [1] : In fact I'm skeptical that most users will do more than just click > through these prompts... if we didn't care about protecting secrets on a > per-application basis we would be just as well off with encrypted > homedir and just store secrets in plaintext. And then we wouldn't need a > keyring API at all. I think the keyring API is most useful for sharing the login info between apps, and potentially storing the login info on a server (or a USB key, or whatever) Havoc _______________________________________________ desktop-devel-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/desktop-devel-list
