One password to rule them all?

Alex
2005-09-12
2013-01-14
  • Alex

    Alex - 2005-09-12

    I've read the page justifying why gaim has such lame password protection, but for the life of me I can't work out why it doesn't have a system like Mozilla/Firefox, where all the passwords are encrypted using a master password that the user needs to enter when they run gaim.

    I have 10 accounts in my gaim setup and it's a real pain having to enter that many passwords. My home dir is on a network filer so I can't control access as easily as if it were my own machine. I don't mind the password being in memory; I don't want it stored in plain text on the disk. Some protocols (Google Talk's Jabber) send the password over a secure channel.

    I imagine a setup like this would be relatively easy to create. Has someone submitted a patch and it's been rejected?

    If Google can back down from their 'we don't do talk' surely gaim can encrypt passwords?

     
    • Luke Schierer

      Luke Schierer - 2005-09-12

      It took Mozilla/Firefox a long time to get the master password support right. For many versions, enabling it was begging to lose access to the ability to save passwords at all. It isn't easy to do.

      My expectation is that no sooner would we implement such a feature (which would be acceptable from a security standpoint), than we would be bombarded by requests that it be optional. And not just optional, but something that someone can set and unset multiple times over the course of their gaim use. This is entirely reasonable, but it's yet more work on functionality that I know, again, having watched Mozilla's development, is not easy to get right.

      Further, as I state in that page, Unix has fairly strong permissions already. I really don't consider this a noteworthy security risk. Thus I'm not going to spend my time working on it, and I'm not going to ask any other developer to spend their time on it.

       
    • Alex

      Alex - 2005-09-12

      What about Windows users? Although I would be using it under Linux.

      However there's a massive difference between being able to see people's passwords when they leave their terminal unlocked by cat-ing a file and not being able to see them unless you know the master password.

      So I get from this discussion that if someone submitted a patch that was acceptable (usage, feature and code wise) then we're not talking about some holy war/philosophical issue that will NOT be allowed in the codebase?

       
      • Luke Schierer

        Luke Schierer - 2005-09-12

        The only philosophical issues are those listed in the plaintext passwords page. We won't accept a patch implementing security-by-obscurity. And I'd be averse to a patch that implemented a misleading level of security (i.e. if there's a risk of someone catting a file that is access controlled, there's also a risk of someone attaching gdb to that process. So pay attention to point #1 in http://gaim.sourceforge.net/plaintextpasswords.php)

        But yes, if you implement a high quality patch to add this feature, we will look at accepting it.

         
    • dooglus

      dooglus - 2007-02-11

      > has someone submitted a patch and it's been rejected?

      I just made a patch to do this:

        http://dooglus.rincevent.net/gaim/

      I don't know where best to submit it though.  I posted to the gaim-devel mailing list.

       
    • robo_mojo

      robo_mojo - 2007-02-12

      If you are on Windows using NTFS, you could simply encrypt the file that contains the passwords. This of course only applies if your user account is password protected.

      Then that password is effectively your master password, as encrypted files are not readable without you being logged in (save for users you share your keys with, of course).