On Friday 04 September 2009 13:53:24 Boyd Stephen Smith Jr. wrote: > In <200909041312.26461.john_82@xxxxxxxxxxxxx>, John wrote: > >Dare I mention how it's impossible to add to the address book once kwallet > > has been activated without editing files. > > That doesn't make sense to me. I just KWallet for all my passwords for KDE > 3.5 and KDE 4.2 and I have no problem editing and adding to my address book > when it is open. > > > I'm also > > concerned about the fact that there is clearly a back door into the > > system. > > Details? I'm running kde 3.5.7 release 92.9 and kmail 1.9.6 enterprise suse 64bit Say I right click an email address in from and select add to address book I get The address book '/home/john/.kde/share/apps............' is locked by application ''. If you believe this is incorrect, just remove the lock file from '/home/john................... If I open the address book and select and entry and delete it I get the same message and the deleted entry disappears. If I close the address book and open it again it's there again. This also leaves me wondering why an application can read the files without having obtained a password but maybe the kmail start up password explains this. The backdoor goes back to a spooky experience on here. I asked how to recover email passwords from kmail. I had lost my hard copy of them. The thread eventually suggested that I should really use kwallet to protect the password files and my address book as they are not secure. Next thing my address book and email password files had gone. This is too spooky to be a coincidence. The install is as per suse and I haven't activated anything that could allow this to happen. Also checked for root kits etc. On top of this I have wondered if Kevin posts via a proxy to protect himself - just on the basis of a question he asked some time ago. One thing for sure my email files disappeared at an extra ordinarily appropriate time to leave me feeling a more than a little paranoid on this subject. I have also gone through rites and sharing etc. No clue there either. My set up also flies through all of the grc.com checks. Pity there isn't a site that aims the checks specifically at a linux machine. These days I take steps to ensure that back tracing my emails to the list are highly unlikely to lead to my machine but the mechanism some one used must still be there. John ___________________________________________________ This message is from the kde mailing list. Account management: https://mail.kde.org/mailman/listinfo/kde. Archives: http://lists.kde.org/. More info: http://www.kde.org/faq.html.