Expose option to disable KWallet passwords storage
ClosedPublic

Authored by alexeymin on Mon, Jan 7, 9:33 PM.

Details

Summary

Option "noWallet" was already supported in the code,
but was not visible in the configuration UI. This
option is useful on headless servers where you don't
really have a way to enter password to unlock the wallet.

CHANGELOG: Add an option to store passwords without using KDE Wallet
BUG: 397271
FIXED-IN: 19.04.0

Test Plan

Enable option, restart krfb, ensure that passwords are now in ~/.config/krfbrc. Disable option, restart krfb, see that passwords are no longer in krfbrc.

Diff Detail

Repository
R437 Desktop Sharing
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.
alexeymin requested review of this revision.Mon, Jan 7, 9:33 PM
alexeymin created this revision.
aacid added inline comments.Fri, Jan 11, 8:07 PM
krfb/ui/configsecurity.ui
27

This needs a big "YOUR PASSWORDS WILL BE STORED IN PLAIN TEXT IN THE CONFIG FILE"

alexeymin updated this revision to Diff 49567.Tue, Jan 15, 8:33 PM
  • Add a warning about insecure storage in config

To be precise, passwords are not stored as plain text, scrambled using KStringHandler::obscure(). But this is totally insecure anyway, is a wording like this OK?

alexeymin edited the summary of this revision. (Show Details)Tue, Jan 15, 8:39 PM
alexeymin edited the test plan for this revision. (Show Details)
aacid added a comment.Tue, Jan 15, 9:05 PM

I have not tried compiling not tried the code itself, but reading it i can't see anything wrong.

If you think this makes sense you're the closest thing we may have to a maintainer, so i'd say just go ahead and commit it.

This revision was not accepted when it landed; it landed in state Needs Review.Tue, Jan 15, 9:15 PM
This revision was automatically updated to reflect the committed changes.