emacs-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: can emacs use the mac os x keychain?


From: Ted Zlatanov
Subject: Re: can emacs use the mac os x keychain?
Date: Fri, 30 Jul 2010 08:24:28 -0500
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (gnu/linux)

On Fri, 30 Jul 2010 09:13:22 +0900 YAMAMOTO Mitsuharu <address@hidden> wrote: 

>>>>>> On Wed, 28 Jul 2010 09:53:03 -0500, Ted Zlatanov <address@hidden> said:
>> Adrian, is there any chance that the NS Emacs port can provide those
>> keychain functions through an ELisp layer?  It would make it easier
>> and more secure to get user passwords, plus users wouldn't need to
>> install the helper program.

YM> Mac OS X 10.3 or later comes with a command line interface
YM> /usr/bin/security for keychains.  Did you try it?  Or do you mean it
YM> was not sufficient with respect to functionality or security?

YM> A merit of the use of an external program is that we can use it
YM> regardless of several builds on the platform including TTY-only and
YM> X11.

I didn't know about this helper app.  Thank you for mentioning it.  I
expected to have to write a special one (see the original post in this
thread).  If it pops up the GUI dialog when possible, it's sufficient in
terms of UI functionality, but we also have to worry about X11 and TTY
modes (and what if you log in remotely over SSH?).

If /usr/bin/security can handle regular and internet keychains (the two
types David Reitter mentioned) then it's sufficient in terms of backend
functionality.  I don't think it can ever be as secure, however, as a
direct C call, so for security I'd rather use direct C calls if that's
an option.

I am far from expert on Mac OS X issues so I'll go with whatever you,
David Reitter, and Adrian Robert (and other experts on that platform)
decide.

Ted




reply via email to

[Prev in Thread] Current Thread [Next in Thread]