Re: [gcmd-dev] [NEW] Use of GNOME authentication manager for user's security credentials

[Michael]

> The rev #1200 changes that. There has been added direct dependency on
> gnome keyring (aka gnome auth. manager/daemon) what makes gcmd unusable
> in non-gnome environments. This is BAD.


ACK (although the ida was from me) i always was opting for independnence

> I think Magnus' objections against that sound very reasonable here.

It's easy to support his objections. eg, passwords in several places mean they 
are more hard to detect, to steal. Where *one* secutiry hole in gkd could screw 
it all up.
It depends on how importan your logins are. If they are really very important, 
then i'd store them never on disk anyway.


> IMHO the right solution for that should be:
>         1. using the GNOME authentication manager for login/password
>         handling (this should be default option)
>         2. there should be an option (per connection) not to use auth
>         daemon - in this case password will be stored in text file in
>         the old way

that's a good apporach !

It's always good to leave users a choice.

>         3. all ftp connections will be imported as 'not auth'ed by gnome
>         keyring' - so nothing will disappear any more

I'm not sure what this means. A warning included into the option GUI checkbox ?
Woulds be sufficient IMHO.

I'm not fully convinced about gkd. It's not been developed since 2005 if IIRC. 
Maybe it's been dropped ? I would be pleased if there's any standard about 
keyrings. 
I'll try to find out how gkd stores passwords if i got spare time ;)