[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

The future of gpassman (was Re: gpasman: Intent to file for removal!)

On Tue, Jan 22, 2002 at 10:18:37AM -0500, Scott Henson wrote:
> > Mhmm... it would be nice to fix it and turn it into "Debian passwd
> > manager"... 
> > 
> Unless someone else wants to take this on I will.  I was looking for
> something to keep me awake durring my engineering 102 class(they teach
> C, which I already know).  

 I have been thinking about gpassman lately, I realy like the idea of a
 password manager and gpassman has some good ideas, but I don't think
 that the current implementation is good. Since this may lead to quite a
 code rewrite, I would like to discuss some issues:

 o librc2 seams quite unmaintained, I would think about using something
   else instead for encryption:
    o gpg --symmetric
    o libmcrypt
    o beecrypt2
   Or even better, apply a bit of abstraction code so the encryption
   backend can easly be changed in the future.

 o Letting the user select the algorighm would also be great.

 o Making some kind of (per user) password server and an access library
   for it would be great.
	o You tell the server the master password to unlock the password
	  database and then any program can query/add/modify passwords
	  through the library in the lines of ssh-agent
	o If we get all programs using the same password manager that
          would be a great gain. Instead of having everyone handle
	  passwords in their own insecure way.

 o Making some bonobo component to let other programs manipulate the
   password database.
   	o And a curses frontend.

 o Allowing for some kind of classification with a CTree or similar
   would be great.

 Well, I know I am asking for quite a lot, but I thing that a good,
 fexible and secure password manager would be something great to have. I
 don't say that all should be done right now, but having a clear view of
 where gpassman is going could prove usefull; so please comment.
 I am willing to help on this, I wouldn't have time to take full
 responsbility of gpassman, but I promise to help.

 take care


--- Manuel Estrada Sainz <ranty@debian.org>
------------------------ <ranty@soon.com> ---------------------------------
God grant us the serenity to accept the things we cannot change, courage to
change the things we can, and wisdom to know the difference.

Reply to: