Date: Sun, 13 Apr 2008 23:21:21 +0000 (UTC) From: Coleman Kane <cokane@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/security/seahorse Makefile ports/security/seahorse/files patch-libseahorse_seahorse-secure-memory.c patch-libseahorse_seahorse-secure-memory.h Message-ID: <200804132321.m3DNLLnh011839@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
cokane 2008-04-13 23:21:20 UTC
FreeBSD ports repository (src committer)
Modified files:
security/seahorse Makefile
Added files:
security/seahorse/files
patch-libseahorse_seahorse-secure-memory.c
patch-libseahorse_seahorse-secure-memory.h
Log:
Add some improved logic to seahorse to have it gracefully fall back to insecure
memory usage for sensitive storage when gnome-keyring doesn't have the privileges
to use mlock(2)/munlock(2). This behavior is much more useful than the ungraceful
dereference of a NULL pointer (and subsequent crash of the seahorse programs) that
currently is employed.
This patch makes seahorse (and seahorse-agent, seahorse-daemon, etc.) warn the user
about having to use secure memory so that consumers such as Evolution and other
software can make use of seahorse.
A larger and more valuable project would be to provide some sort of unprivileged
user mlock(2) support in the base system. Some ideas are currently being discussed.
Reviewed by: marcus, gnome@, imp
Approved by: marcus (gnome)
Revision Changes Path
1.65 +1 -0 ports/security/seahorse/Makefile
1.1 +42 -0 ports/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.c (new)
1.1 +11 -0 ports/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.h (new)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200804132321.m3DNLLnh011839>