Users are greeted by this dialog on the first request by any application.
Even if they press cancel, the dialog will pop up on subsequent requests again.
The only way to disable this is using the KCM, which is not intuitive enough.
So add a new option to the new wallet creation dialog.
Details
- Reviewers
- None
- Group Reviewers
Frameworks
Selected the option, kwallet is now disabled.
Diff Detail
- Repository
- R311 KWallet
- Branch
- disableopt
- Lint
No Linters Available - Unit
No Unit Test Coverage - Build Status
Buildable 2035 Build 2053: arc lint + arc unit
This fixes part of a downstream bug report: https://bugzilla.opensuse.org/show_bug.cgi?id=1104462
+1, looks good to me (I just wonder how well KDE applications actually behave with KWallet disabled...)
Isn't this actually bad for the privacy goal? AFAIK some apps will just write the password in cleartext in a config file when kwallet is not present.
src/runtime/kwalletd/knewwalletdialog.h | ||
---|---|---|
67 | do we really need to rename this? |
It's not selected by default - but maybe that can be emphasized in the option's name?
Quit kwalletd if option was selected.
The .sync is necessary because the change is made in a KSharedConfig but read
by the simple KConfig in reconfigure. I guess it should use KSharedConfig
everywhere and just call "reparseConfiguration" in reconfigure manually. That's
something for another patch however.
src/runtime/kwalletd/knewwalletdialog.h | ||
---|---|---|
67 | It's not just a rename - it's doing the opposite now as there are three instead of two actions. If you follow which slot this ends up, it's responsible for switching between "Next" and "Finished" buttons in the step. Next is only shown if GPG is selected, so this makes IMO more sense. |
The patch looks OK to me, but yeah, it should be emphasized that disabling KWallet *reduces* security greatly.