https://bugs.kde.org/show_bug.cgi?id=438070

Ivan Čukić <ivan.cu...@kde.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|CONFIRMED                   |ASSIGNED

--- Comment #3 from Ivan Čukić <ivan.cu...@kde.org> ---
Hi,

There are two CLI-only commands that the Vault supports that were introduced
for nice integration with KDE Connect [1]:

qdbus org.kde.kded5 /modules/plasmavault closeAllVaults
qdbus org.kde.kded5 /modules/plasmavault forceCloseAllVaults
qdbus org.kde.kded5 /modules/plasmavault closeVault
qdbus org.kde.kded5 /modules/plasmavault forceCloseVault

Opening vaults from CLI is problematic. Communicating the password between the
CLI command and the Vaults service would be insecure. This might be doable in a
secure way if the CLI command cloned the whole logic of GUI Vaults, but this
would need some non-password synchronization between different things that are
allowed to open vaults. This would need to be thought through and will result
in significant refactor / reimplementation.

The good part of this potential refactor, if I manage to prove it doesn't open
new vectors of attack, is that it would allow Plasma to show password fields
inline in the Vault applet instead of them being shown in a separate window
owned by a random process (KDED).

I'll mark this as assigned.

[1] https://cukic.co/2018/04/14/plasma-vault-with-kde-connect-and-more/

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to