Reg. packaging pam-kwallet for Debian

Maximiliano Curia maxy at
Thu Oct 23 09:44:24 UTC 2014

¡Hola Rahul!

El 2014-10-23 a las 05:09 +0530, Rahul Amaram escribió:
> Totally understand and appreciate this. I didn't think that a package in Ubuntu
> mainstream would need so much review.

Yeah, well, it happens, we are more picky/we aim to have higher quality
software (I guess a bit of both).

> Agreed. But it would be great if we can have this in Debian Jessie. Is it still
> possible?

I don't know, a new package needs to pass the new queue, which usualy takes
some time to graduate from. And then it's 10 days to pass from unstable to
jessie, so, most probably, no. But I guess we can push the backport package
once jessie is released.

>     In the code I don't see any obvious errors, but I'm not an expert in pam
>     modules, some comments though:
>     In kwallet_hash, after the call to error = gcry_kdf_derive(..) it's not
>     checking in error returned something.

>     In prompt_for_password, the memset in the lines:
>         struct pam_response *response = NULL;
>         memset (&response, 0, sizeof(response));
>     is redundant.

> I have not reviewed the upstream code (not sure if I'll be able to understand
> it also). Also, I prefer to leave upstream code unchanged unless it breaks
> something or has some security or performance issues.

It's always a good idea to try to understand some of it.

I'm not sure about the socket file in /tmp. The file name is predictable and
it's even logged before use... oh, it's never used, mmh.

> You can get the source at


"Don't let what you cannot do interfere with what you can do."
-- Wooden's Rule
Saludos /\/\ /\ >< `/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <>

More information about the pkg-kde-talk mailing list