TGOS wrote:
You always have 2 choices here. 1) use the library, possibly statically linking it, or 2) rewrite the needed parts in you app.No, I don't want to write software that depends on some external libraryDoesn't matter.It is your right to choose a language poorly suited to the task
What if I want to write the code in a scripting language that can't
access any external libraries?
you wish to accomplish, of course.
to be present (which may not even exist for the platform it will run
later on) or on the ability to access libraries at all, what's so hard
to understand about it? Everything my software does must be done by the
software itself (except the lowest low-level routines like file and
network access, as well as the GUI if a GUI exists for a certain system
at all).
If you want to use X11 drowing call, you need the X libs. If you want GTK+, use use the GTK+ libs (which need X11 too).
If you want GNOME use us ethe GNOME libs (wehich need GTK+ and X11). You asking for the equivelent of a javascript GNOME API, that doesn't need the GTK+ or X11 libs. You would have to write that yourself.
It is poorly designed to write a software that relies on a library andThen EVERY peice of GUI software written is poorly designed. Try running a win32 program without the MS dlls. Or any GNOME app on a system without the GNOME libs (like MS-Windows or MacOS). even QT, which has MS-Windows libs, requires them to run, and those apps won't run without them. On any system.
then can't work on a system where this library is not present and also
can't be installed (because the library doesn't even exist for the
platform or because one would need root privileges to add the library
which a user just may not have, etc.)
Then store them is a system youy designed. Mozilla stores them in the safest method it can. It wasn't designed to allow editing of that data. However, it does use an open API to the crypto functions. You can replace mozillas NSS modules with your own, and do what you want with the data that module stores. That's the reason mozilla use a crypto module method. To allow changes, like using a smart card reader, or biometric module to be used. If you want, you can write a module that stores the data in a plain text file with NO encryption.You're assuming the intent is to give people access to the data.Yes. This is MY DATA. These are MY PASSWORDS. And, OMG, believe it or
not, I want to have access to MY DATA. Sounds revolutionary to you, but
to most people it sounds plain logically.
Or at least you should be able to. I'm not sure that mozilla supports that reassignment yet. I would like a smart-card or similar removable storage device to hold passwords, and for that devices "master psaaword" use a bimetric scanning device, like finger print or retina scanning. An addon device for this with drivers and PKCS#11 modules for most OS/hardware combinations would be great:)
But not to keep it away of me. Right now it looks like Mozilla rates me,Displaying that information on the screen is insecure. Someone could see the screen/intercept the calls that draw the screen.
the person who provided it with these data in the first place, as
insecure, because it doesn't even allow me to see my own data anymore or
edit it.
That's one of the reason X11 should not be used remotely with an unencrypted transport (SSH tunneling is better), you can grab the X11 packets and display them on your screen. That lets you see everything someone else displays and types.
-Thomas
