[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: can emacs use the mac os x keychain?
From: |
David Reitter |
Subject: |
Re: can emacs use the mac os x keychain? |
Date: |
Thu, 29 Jul 2010 14:52:14 -0400 |
On Jul 29, 2010, at 9:17 AM, Ted Zlatanov wrote:
>
> AR> A useful-sounding idea but seems mainly like something that would be
> AR> a third-party package or maybe part of Aquamacs. Are there any
> AR> platform-independent parts of the needed functionality that the NS
> AR> port lacks and Emacs on X11 or W32 has?
>
...
> Assuming we get the NS port access to the Mac OS X keychain, that leaves
> W32 as the only major platform lacking keychain support. I don't
> believe W32 has a standard keychain so that may be OK.
I principle, the C part would be fairly simple. There are separate functions
for "internet passwords", which retrieve and store passwords for a
host/port/account combination.
Am I right assuming that we would need an API paralleling that provided by
secrets.el?
There are a few issues as far as I can see:
- The user is prompted via a graphical dialog to unlock a keychain (i.e., to
provide a password protecting all the passwords). When in TTY, we shouldn't do
this, but unlock the keychain ourselves, i.e., read a password from the user
via a (password) minibuffer. This sort of interaction would have to be handled
by an extra Lisp layer. (Once the application is trusted, this prompt would go
away.) How is this done in GNOME?
- Any passwords that we obtain would probably have to be copied so we can
return them as a Lisp string. What provisions are in place in order to protect
the copy and guarantee its deletion after use?
http://developer.apple.com/mac/library/documentation/Security/Reference/keychainservices/Reference/reference.html#//apple_ref/c/func/SecKeychainFindInternetPassword
Re: can emacs use the mac os x keychain?, YAMAMOTO Mitsuharu, 2010/07/29