On Montag, 17. Juni 2013 13:48:39 CEST, Jan Kundrát wrote:
- if there's no QtKeychain at build time, disable password storage altogether and have Trojita ask for one when needed
Wouldn't that render Trojitá "unusable" for "non-DE" users (openbox or so), eventually even the "minor" ones (xfce, lxde)? -> What about warning about the need to store PWs plaintext and required to protect it on the system level? (symlink to encrypted disk/image or USB stick) Otherwise and reg. support for multiple accounts there should at least be a master PW to read encrypted account passwords from HDD, yesno?
PWs shall still be "remembered" in memory while the session is active)
Whatever the approach to this would be (assuming "session" means "until logged out" and not "while process alive") do NOT abuse the X11 server to "temporarily" store it. Everybody and everything could read it from there anytime. Cheers, Thomas
