master password gsoc project

Richard Laager rlaager at wiktel.com
Wed May 21 18:55:16 EDT 2008


On Wed, 2008-05-21 at 23:50 +0200, Vivien Bernet-Rollande wrote:
> - From this, it seems the "secret" or optional entropy is pretty much
> any kind of data + the size, and it would be possible to use it for a
> password. There are some drawbacks to that implementation, but it
> seems feasible. This also means we have total control over the prompt
> window's design.

Yes, it may work.

> This would indeed make sense, having a cross-platform plugin.

> I've seen that there's a whole cipher infrastructure in libpurple, so
> such a plugin could probably make use of that code. Haven't checked
> what algorithms are available though.

Yeah, we could do it there, or via our SSL plugins. It's not a huge
hurdle.

> Also, it seems to me it would be a better thing to store the protected
> data in another file, unlike the patch, which modifies the structure
> of the accounts.xml file.

Why? That seems like the perfect place for it.

> The way I see it is the following: by default, the plugin works in a
> totally transparent way. The user never gets prompted for anything,
> passwords are secured with his system password, simple, clean and easy.

Agreed.

> But from the configuration interface, the user could set a master
> password, adding an extra layer of security (in case the system
> account is shared by multiple users for instance).

Then they should use multiple OS users instead.

> Second, some users might like an extra layer of
> protection, since having a pidgin-specific password makes it harder
> for other applications.

If you're running untrusted applications, there's not really much we can
do to protect against that.

Richard