Bug#628383: more work needed
Andreas Henriksson
andreas at fatal.se
Sat Apr 26 09:39:02 UTC 2014
Control: tag -1 - patch
While I appreciate the feedback on how mlock works on kfreebsd
and including a patch along with discussions of technical details
is nice, I'm going to remove the patch tag.
Maye I misunderstood something but i think there's a reason the
memory is mlocked; to avoid leaking sensitive information into swap.
We can't just kill off security by patching out the check for
working mlock. Atleast not without a big fat warning dialog
where the user opts out of security first.
As I see it if there's no way to securely do the same thing on
kfreebsd, then this package simply can't work on kfreebsd.
On a side-note: AFAIK libgnome-keyring is deprecated (in favor of
libsecret). Efforts might be better spent on helping users port
their code away from libgnome-keyring, but since there are
quite a few reverse dependencies in the archive I doubt it
will be practically possible to achive the goal of having all
of them ported before the Jessie freeze.
Regards,
Andreas Henriksson
More information about the pkg-gnome-maintainers
mailing list