After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 538163 - Should protect the password better
Should protect the password better
Status: RESOLVED FIXED
Product: krb5-auth-dialog
Classification: Other
Component: general
unspecified
Other All
: Normal normal
: ---
Assigned To: Christopher Aillon
Christopher Aillon
Depends on: 534515
Blocks: 538339
 
 
Reported: 2008-06-13 15:33 UTC by Guido Günther
Modified: 2009-01-10 13:29 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
GtkSecureEntry widget from pinentry (127.86 KB, patch)
2008-06-13 15:34 UTC, Guido Günther 		none Details | Review
Move dbus handling into a separate file (6.77 KB, patch)
2008-06-13 15:35 UTC, Guido Günther 		none Details | Review
Actually use the secmem/GtkSecureEntry code (4.47 KB, patch)
2008-06-13 15:36 UTC, Guido Günther 		none Details | Review

Description Guido Günther 2008-06-13 15:33:01 UTC 
Please describe the problem:
Currently krb5-auth-dialog doesn't use any special memory functions/widgets to protect the password. The attached patches use the code and widget from gpg's pinentry to enhance this situation.

Steps to reproduce:
1. 
2. 
3. 


Actual results:


Expected results:


Does this happen every time?


Other information:
Comment 1 Guido Günther 2008-06-13 15:34:45 UTC 
Created attachment 112689 [details] [review]
GtkSecureEntry widget from pinentry

I didn't do any reformatting/renaming to make merging back and forth between pinentry easier.
Comment 2 Guido Günther 2008-06-13 15:35:30 UTC 
Created attachment 112690 [details] [review]
Move dbus handling into a separate file

Not strictly necessary, but it will be needed for the dbus ticket acquiry code anyways.
Comment 3 Guido Günther 2008-06-13 15:36:17 UTC 
Created attachment 112691 [details] [review]
Actually use the secmem/GtkSecureEntry code

switch password field from GtkEntry to GtkSecureEntry
Comment 4 Guido Günther 2009-01-10 13:29:16 UTC 
comitted to trunk.