password safes for mac
Adam Shostack
adam at homeport.org
Wed Jul 1 11:03:13 EDT 2009
On Tue, Jun 30, 2009 at 11:26:06AM -0500, Nicolas Williams wrote:
| On Mon, Jun 29, 2009 at 11:29:48PM -0700, Jacob Appelbaum wrote:
| > This would be great if LoginWindow.app didn't store your unencrypted
| > login and password in memory for your entire session (including screen
| > lock, suspend to ram and hibernate).
| >
| > I keep hearing that Apple will close my bug about this and they keep
| > delaying. I guess they use the credentials in memory for some things
| > where they don't want to bother the user (!) but they still want to be
| > able to elevate privileges.
|
| Suppose a user's Kerberos credentials are about to expire. What to do?
What fraction of mac users are using Kerberos?
Adam
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list