[Dar-libdar_api] Re: problem compiling KDar with libdar CVS
For full, incremental, compressed and encrypted backups or archives
Brought to you by:
edrusb
Menu
▾
▴
[Dar-libdar_api] Re: problem compiling KDar with libdar CVS
|
From: Denis C. <dar...@fr...> - 2004-11-07 18:34:33
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Johnathan Burchill wrote: | Hi Denis, Hello Johnathan, | |[...] |>Yes you are right. user_interaction::pause() is only able to handle |>boolean questions. Thus I had to add a new method to user_interaction |>class: |> |>~ std::string get_string(const std::string & message, bool echo); |> | | | I'd like to get your opinion on confirming passwords. | | When a user needs to enter a password to encrypt a file, I think he/she | should be asked to confirm what they entered. If the password is for | decryption, no confirmation should be required. Yes, that's right, but only when password is given interactively (not from the command-line of configuration file for example --- beside the security aspect they raise). | | Is this something that the application or libdar should be concerned about? | If the application has to keep track of whether an archive is being | created or read, that is okay, but means repetitive coding for everyone | who uses libdar, and more complicated code at the application level. I'd | rather let libdar decide whether to confirm passwords, with a method like | | std::string get_string( const std::string & message, bool echo, bool | confirm ); | | What do you think? The problem here is that get_string() is called by libdar only. So the application cannot tell libdar this way for a confirmation. I agree that It may be more simple to make the confirmation code in libdar once and for all other client programs. So, I would rather add a boolean argument called "pass_confirm" (for example) to the "create" and "isolate" archive constructors. This way the application decides whether password confirmation is needed or not. And libdar will call once, twice or more time the user_interaction::get_string() method to get two identical passwords or just one. | | [...] | | JB | Cheers, Denis. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBjmqupC5CI8gYGlIRAlrNAJ4jC3w6+5fwhiN99/63pQ1ozIVeaACeIGZt nthncMOA05GvE58tknElS7Y= =8Ce5 -----END PGP SIGNATURE----- |
