Re: [PATCH v3] credential/libsecret: support password_expiry_utc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



M Hickford <mirth.hickford@xxxxxxxxx> writes:

> Yes, I think that would work nicely. A format such as that below would
> be backwards compatible (passwords already can't contain newlines) and
> self explanatory to any curious user browsing their secret store. I
> already have a draft that works much like this. I'll prepare a patch
> v4.
>
>     7d7b554
>     password_expiry_utc=1684179877
>     oauth_refresh_token=be8a9aa3
>
> Is the secret store ever shared with other applications such as a web
> browser? If so, sharing is already broken, because popular Git hosts
> such as GitHub and GitLab expect different passwords for web login and
> Git authentication (OAuth token or personal access token).

It probably is a good argument.  We do not have to worry about
interoperating with browsers and their authentication with Git
hosting sites.  And the "newline can be used to add extra pieces of
information" is a good trick ;-)

> A solution
> could be to introduce our own libsecret schema (as in the current
> patch) instead of continuing to use SECRET_SCHEMA_COMPAT_NETWORK
> potentially shared with other apps. I'm not sure whether that's
> worthwhile in this patch. I defer to you.

It may depend on what other Git GUI frontends may want to do.  If
there is no precedent and you are the pioneer, then using our own
would be perfectly fine and we can let others also read from us if
they want to; I presume that it would not prevent us from doing so
even if did not use COMPAT_NETWORK (which gnome dev document even
discourages of its use in new applications anyway).

Thanks.





[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux