I can't think of a good way other than a reversible hash method. However, if you dig into evolution's code you should find out how they handle it. --Jason On Tue, 2002-11-05 at 12:45, Jacob Perkins wrote: > It's more of a conveniance function, I'd like to do something similar to > evolution's password caching with gpg. Also, the app won't be doing > password checking, only the caching, so I don't think I can use md5 since > it'd need to be a 2 way hash. Is there a way to secure this, or at least > obscure it? > > > It would be *very* insecure. Any root-level program could pick up that > > password very easily just by examining /dev/kmem. Why would you want to > > store that password for the life of a program anyway? It's standard > > procedure for programs that accept passwords to forget them immediately > > after receiving them and doing the authentication. > > > > --Jason > > > > On Tue, 2002-11-05 at 00:41, Jacob Perkins wrote: > >> How (in)secure would it be to have a static gchar that would save a > >> plaintext password? The gchar would start off null, but could later > >> contain a password, and is static for the life of the app. Is there a > >> better way to do this? > > -- > > Jason A. Pfeil pfeil 10East com > > Senior Open Systems Engineer http://www.10East.com > > 10East, Inc. (904)220-DOCS > > > > _______________________________________________ > desktop-devel-list mailing list > desktop-devel-list gnome org > http://mail.gnome.org/mailman/listinfo/desktop-devel-list -- Jason A. Pfeil pfeil 10East com Senior Open Systems Engineer http://www.10East.com 10East, Inc. (904)220-DOCS
Attachment:
signature.asc
Description: This is a digitally signed message part