Re: [platform-core-dev] User Settings proposed solution document


Mike is on vacation for the next couple of weeks, so I'll try to respond in his absence. I think the storage of sensitive information such as passwords will continue to be treated as a separate concern from the general user settings mechanism. The two areas have some very different requirements (user settings should be shareable, mergeable, exportable, etc). Eclipse already has a notion of a secure keyring where passwords and other sensitive information can be stored. As we all know, there are a number of weaknesses in the current mechanism (mainly that it relies on a command line parameter for supplying the "single sign on" password that is used as the keyring encryption key). I expect this will be addressed by the separate (so far uncommitted) plan item on a core security model:

https://bugs.eclipse.org/bugs/show_bug.cgi?id=37692

I suggest you add a comment to the bug report with this idea, and if/when this security plan item moves into active investigation the idea of OS integration can be considered.

John



Andre Weinand <weinand@xxxxxxx>
Sent by: platform-core-dev-admin@xxxxxxxxxxx

07/21/2003 01:07 PM
Please respond to platform-core-dev

       
        To:        platform-core-dev@xxxxxxxxxxx
        cc:        
        Subject:        Re: [platform-core-dev] User Settings proposed solution document




Hi,
I've just glanced over the document and before I can give you "real" feedback,
I already have a question regarding storing and retrieving of passwords:

Coming from the Mac I've learned to love the concept of a "keychain",
that is a central place in the OS where passwords are securely
stored and where applications can easily get access to them (if the
keychain is unlocked of course).

The benefits of using a keychain are that
- users have a single sign-on,
- a single policy exists for dealing with passwords,
- passwords are securely stored if the keychain is locked,
- users can look up and edit their passwords in a safe and secure place if they need to
  (for example I change my Novell password in my keychain whenever the system forces me to
  change it and after that I'm sure never to be asked again for the new password from any
  application)

So an API for a Keychain service would probably be something like this:
getPasswordFromKeychain(...);
storePasswordInKeychain(...);

Do you think platform-specific Keychain support for Eclipse would be feasible?
If yes, I can look into the Keychain manager of MacOS X in order to
give you more detailed
information about what a minimal API could look like.



Thanks,
--andre

