Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [ide-dev] Having to log in to the IDE?

Stephan,

Yes, you can open a bug pretty much against any project that stores anything in the secure storage because the fundamental implementation problem is that it works well on Windows, and Mac, but sucks on Linux. So a simple solution (conceptually if not actually) is to fix the Linux implementation to use some type of native key ring support (no doubt there with 15 different variants of that, perhaps with at least two per GTK variant).

The problem at the design level are questions such as how can I know whether secure storage is accessible yet, how can I know whether it will be prompted if I do try access it, how can I know whether it contains a password for something that needs a password (i.e., some server access) without providing a master password to find out if there's something useful already in the store?

It's clear that on Linux, Firefox can store passwords and does not need you to enter a master password to use those stored passwords, so it's certainly a problem that's solvable... No doubt, given enough design effort, the use of stored passwords could be deferred as long as possible, and some additional storage could be used to remember whether the actual storage contains secure values that are useful to try to fetch. But in the end, it's hard (for me) to motivate large investments in Linux-only problems.

There are some pretty large organizations out there, that use Linux significantly, that could invest in solving such a problem, but perhaps they too have investment motivation problems...

Regards,
Ed


On 14.03.2017 20:03, Stephan Herrmann wrote:
Thanks Andrey, I've debugged some of these situations in the past.
The reason I'm raising the issue on this list is: I feel the
concept is broken by design. Filing bugs against all clients
of secure storage is a game nobody can win, in particular as long
as there is no agreement about good citizenship in this regard.

Am I missing anything?
Stephan


On 14.03.2017 19:55, Andrey Loskutov wrote:
Stephan,

This can be git client trying to read your repo informaton and may be configuring access to remote, but to be sure, please run jstack next time and fill a bug for the component you will find guilty :).

Am 14. März 2017 19:17:58 MEZ schrieb Stephan Herrmann <stephan.herrmann@xxxxxxxxx>:
Why do I have to log in, before I can use my (desktop) IDE?


Here's what I see:

- I live on Linux where Eclipse's secure storage is not backed by any
domain login,
but requires manually entering the password.

- I install Eclipse for simrel via Oomph.

- First thing Eclipse asks me before even doing anything is to enter my
password
for secure storage.


I don't like this for several reasons:

- I tend to use a good password for secure storage, so having to type
in the
password is a real disruption. I have to concentrate on s.t. that is
not my main
focus of work.

- That dialog doesn't give the faintest hint as to *why* my password is
required,
maybe fraud?

- Even considering the specific purpose of the setup for Simrel
contribution,
I cannot think of any reason why my password should be required.


I would be *a lot happier* with the Eclipse IDE if some or all of the
following would change:

- No password dialog without specifying a reason

- No password dialog from background jobs, ever.

- No component requesting access to secure storage in an Oomph setup
where this isn't needed.


Is it just me? How do others feel about this?
Stephan
_______________________________________________
ide-dev mailing list
ide-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe
from this list, visit
https://dev.eclipse.org/mailman/listinfo/ide-dev

--
Kind regards,
Andrey Loskutov

http://google.com/+AndreyLoskutov


_______________________________________________
ide-dev mailing list
ide-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/ide-dev



Back to the top