https://bugs.kde.org/show_bug.cgi?id=385984
--- Comment #3 from Ivan Čukić <ivan.cu...@kde.org> ---
> Protecting against non-root users is actually pretty easy, just make sure
> that the
> vault is read protected (chmod 700) and you are good.
The problem is not in the non-root-non-us users. If that was the main problem,
then having an encrypted $HOME (which most distributions I've tried support)
would be a good solution.
Here, the main aim is to thwart malicious people that pretend to be us.
>From co-workers that might have the access to our system while we go to
the kitchen to brew a cup of tea, to hackers that managed to get into
our use account.
The rationale behind the current design is that most people do not have
the habit to lock their computers when they leave them, but instead rely
on the screen locker to pop up after some time passed.
For the same reason, I don't expect people to have the habit to close
the vaults manually.
> Your workflow doesn't reflect mine, I often switch activities just for a
> couple of
> seconds to check on the progress of something for instance. (I have an
> activity
> for all my virtual machines, for instance, where i may install a piece of
> software
> or do a system upgrade).
This is a fair point. I also sometimes switch activities for a moment - but
so far I haven't seen this as a problem. Sometimes the vault gets closed
when I didn't want it to (most of the time it stays open because an application
is a accessing it) and I have to reopen it.
> I'm hoping you can make that a little more flexible to allow this software
> to be used for more people that don't all work the same way you do.
My main question here is this - what is the use-case of Vault being visible
only in certain activities, but being open but hidden (hidden only in the
applet,
and only if the vault is currently closed*) in others?
One thing that we could do here, if the use-case fits into this, is to add the
following configuration options (all on by default):
Automatically close:
[x] When switching from an activity the vault is linked to
[x] When the screen locker is activated
I'd like to avoid per-vault configuration for this if it is possible.
*) I don't want to ever hide an open Vault - it would make it even easier
to forget that something is unlocked.
--
You are receiving this mail because:
You are watching all bug changes.
