[arch-general] kmail spellcheck reporting no errors when there plainly are errors - can someone confirm?
Daenyth Blank
daenyth+arch at gmail.com
Wed Nov 25 10:51:40 EST 2009
On Wed, Nov 25, 2009 at 10:05, David Rosenstrauch <darose at darose.net> wrote:
> On 11/25/2009 04:43 AM, David C. Rankin wrote:
> FYI - I've set the kwallet password to nothing, and it's seemed to work out
> nicely, as it no longer prompts me for the wallet password at inopportune
> times.
>
> In theory this is less secure. But since no one can be logged into my box
> as me without my account password anyway, in reality there's no way anyone
> can access my kwallet passwords without having my account password first.
> Maybe give this a shot?
>
> HTH,
>
> DR
>
If you're running any services that face an open network, you are in
theory vulnerable to an exploit in the service. Also, there have been
exploits in web browsers like firefox that would give user-level
access. This could potentially give the attacker access to your wallet
without your user password, depending on the exploit(s) used. In this
case, *all* your passwords will be comprimised. Using a password
manager without a password itself is bad for your security.
More information about the arch-general
mailing list