[arch-general] kmail spellcheck reporting no errors when there plainly are errors - can someone confirm?

David Rosenstrauch darose at darose.net
Mon Nov 30 11:50:34 EST 2009

On 11/25/2009 10:51 AM, Daenyth Blank wrote:
> On Wed, Nov 25, 2009 at 10:05, David Rosenstrauch <darose at darose.net> wrote:
>> On 11/25/2009 04:43 AM, David C. Rankin wrote:
>> FYI - I've set the kwallet password to nothing, and it's seemed to work out
>> nicely, as it no longer prompts me for the wallet password at inopportune
>> times.
>> In theory this is less secure.  But since no one can be logged into my box
>> as me without my account password anyway, in reality there's no way anyone
>> can access my kwallet passwords without having my account password first.
>>  Maybe give this a shot?
>> HTH,
>> DR
> If you're running any services that face an open network, you are in
> theory vulnerable to an exploit in the service. Also, there have been
> exploits in web browsers like firefox that would give user-level
> access. This could potentially give the attacker access to your wallet
> without your user password, depending on the exploit(s) used. In this
> case, *all* your passwords will be comprimised. Using a password
> manager without a password itself is bad for your security.

Good point.

I started using kwallet without a password so that I wouldn't get 
prompted every time I used command line SVN.  (Long story short:  I 
configured SVN to integrate with kwallet, instead of having it cache my 
password on disk.)  But since I mostly use SVN from Eclipse anyway 
(which has its own password cache) this really isn't such a big hassle 
after all.



More information about the arch-general mailing list