[Gaim-devel] Password Obfuscation/Encryption in .gaimrc

[Michael L. <ma...@la...>]

I've just read the discussion about password encryption (libyahoo2
integration thread) and I must say that I find the attitude of the
developers on this subject a bit silly.

What is being asked is a bit of obfuscation , not perfect bulletproof
encryption. A dedicated person can always get around any encryption scheme
there is. If someone has physical access to my linux box they can have
root-level permissions in minutes - that does not mean I leave my root
password on a post it note glued to my monitor. Just because someone can
easily find means of decoding the passwords, does not mean they should be
available in plain view to anyone who happens to glance at the rc file.

Besides, noone in the discussion mentioned the obvious solution of having
all passwords encrypted by a single password you have to type in at start
time. This will eliminate every reason given against encryption in the
thread.

All that being said, I am not writing to start another flame war here. I
respect the developers descision even if I do not agree. It is their
decision to make. But this is an open source project and I was just
wondering that since it was mentioned that many people submitted patches to
solve this issue, can I get some pointers to those patches? I am not a real
programmer and thus make it a rule not to edit software unless I absolutely
have to - I'd rather not have to mess with gaim source code. Has someone on
this list written/have such a patch they can send me?


Thank you.

-Michael