Noone asked me, but I'm on the list :) Is it worth looking at how, for example, Claws-mail or Sylpheed do it? Neither is tied wholly into the gnome ecosystem that I know of, so maybe their strategy is instructive. As a somewhat casual user I can say Trojita stops becoming lightweight when it depends on a lot of other stuff, so I see Jan's point. But I also use Mutt, and my password is stored in cleartext in a chmod 700 file, which I can live with. It's really a matter of setting expectations for the user. If they know they're going to have to deal with a chmod 700 file in exchange for being able to use it flawlessly without dependencies in a DE like openbox, many of them/us would decide that's worth it! Or you could just go the route of "ask for it at startup and forget when the program stops."
My two bits, no charge. Randy -- Randall Wood [email protected] On Mon, Jun 17, 2013, at 04:20 PM, Jan Kundrát wrote: > On Monday, 17 June 2013 14:41:16 CEST, Thomas Lübking wrote: > > Wouldn't that render Trojitá "unusable" for "non-DE" users > > (openbox or so), eventually even the "minor" ones (xfce, lxde)? > > That depends on what "unusable" means. It will cause a regression in that > the passwords will no longer be remembered, and that user will have to > enter their password at Trojita's startup. > > For me, this is not a problem and getting rid of the code for saving them > on disk in cleartext is a good move. Do you see it as a critical feature? > > > -> What about warning about the need to store PWs plaintext and > > required to protect it on the system level? (symlink to > > encrypted disk/image or USB stick) > > I'm not a big fan of this; disk encryption helps defend against offline > attacks, but does nothing against a random application reading a > configuration file from a well-known location on the FS. Yes, I'm aware > of the possibility to ptrace() or just reading the memory image, but an > on-disk file with cleartext password, even if the disk itself is > encrypted, just screams "wrong design" to me. > > > Otherwise and reg. support for multiple accounts there should > > at least be a master PW to read encrypted account passwords from > > HDD, yesno? > > I'd prefer to spend my time writing a mail client, not debugging, > maintaining or reviewing patches for crypto code dealing with password > storage. If someone feels that doing this within Trojita is a great thing > to do, more power to them, though. It's just that the perspective of > being able to offload this to a systemwide, third-party > code/library/daemon looks very, very appealing to me. I do admit that the > list of supported backends of the QtKeychain is rather limited :(. > > So, a tl;dr summary of my point of view: > > - I do not use password storage myself, and so I don't care that much > about it > - the less I have to deal with this, the better, > - still, I don't want to cause needless regression for the users. > > We will have to ballance the convenience of users who "need PW storage" > but "can't be bothered to run bloat like KWallet" with the comfort of us > supporting less code and security of not having passwords on disk in > cleartext. > > >> PWs shall still be "remembered" in memory while the session is active) > > Whatever the approach to this would be (assuming "session" > > means "until logged out" and not "while process alive") do NOT > > abuse the X11 server to "temporarily" store it. Everybody and > > everything could read it from there anytime. > > Actually I meant "Trojita session" as in "the process is running". > > Cheers, > Jan > > -- > Trojitá, a fast Qt IMAP e-mail client -- http://trojita.flaska.net/ >
