Summary: | add, edit, delete features for secure store entries via preference UI | ||
---|---|---|---|
Product: | [Eclipse Project] Equinox | Reporter: | Christian Luehe <christian.luehe> |
Component: | Security | Assignee: | Security Inbox <equinox.security-inbox> |
Status: | NEW --- | QA Contact: | |
Severity: | enhancement | ||
Priority: | P3 | CC: | agellendin, christian.luehe, ob1.eclipse, slewis |
Version: | 3.5 | Keywords: | helpwanted |
Target Milestone: | --- | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: |
Description
Christian Luehe
2009-02-24 16:55:15 EST
this is a more general request to "individual removal of secure store entries via preference UI" (https://bugs.eclipse.org/bugs/show_bug.cgi?id=266033) *** Bug 266033 has been marked as a duplicate of this bug. *** For the edit, one concern that people expressed is a situation when a passer-by could click a few buttons and see the password. I guess one way to approach this would be to say that editing is guarded by a special "access" password created when the secure storage is created. As a possibility: when a new secure storage is created, a user is asked if: 1) They want it to be editable; 2) They want to have an explicit password to guard the edit functionality; 3) [paranoid option] If they want to make this explicit password cleared after every edit or kept for the duration of the session. (If answer to (2) is no, then secure storage would generate the access password itself and keep it encrypted with the master password. This way editing will be possible only when user is logged in.) As a starting point, some of this functionality is available in debug mode added via org.eclipse.equinox.internal.security.ui.storage.view.NodesView#makeActions(). This bug hasn't had any activity in quite some time. Maybe the problem got resolved, was a duplicate of something else, or became less pressing for some reason - or maybe it's still relevant but just hasn't been looked at yet. If you have further information on the current state of the bug, please add it. The information can be, for example, that the problem still occurs, that you still want the feature, that more information is needed, or that the bug is (for whatever reason) no longer relevant. |