https://bugs.kde.org/show_bug.cgi?id=491178

--- Comment #8 from Ana Clara Forcelli <anacforce...@gmail.com> ---
(In reply to Nate Graham from comment #7)
> We wouldn't use a cronjob, we'd watch the file for changes directly. However
> reading the contents of the file would require a daemon with elevated
> privileges, which presents security challenges. In addition, we'd need to
> cache the old encrypted password to know when it changed to something else,
> presenting further security challenges.
> 
> This is all sounding quite risky. At this point I'm going to say that I
> don't think the risks are worth the benefits.
> 
> I'd be happy to be proven wrong if someone wanted to submit a patch to do it
> that was well-considered from a security angle.
> 
> Thanks anyway for the idea!

You're welcome! I'm very glad to contribute :)

Perhaps we wouldn't have to cache the encrypted password, just a hash might be
enough.
However, the daemon with elevated privileges can already be a no-go.
