[vlc-devel] [PATCH 01/13] keystore: add b_secure

Rémi Denis-Courmont remi at remlab.net
Wed Feb 24 18:12:48 CET 2016

Le 2016-02-24 15:25, Thomas Guillem a écrit :
> All keystore modules are secure except the plaintext one.

Oh come on. Ten years on, have we not learnt to be responsible and 
careful about what we do? This software is used by tens, if not hundreds 
of millions of people. We cannot just blindly put features above all 

Like Denis said, we do NOT store clear text credentials in persistent 
storage. Ever.

Maybe you can read/write them as clear-text if you know that the 
underlying file system is ciphered and the operating system separates 
applications. But that would still qualify as "secure". So no flags.

Rémi Denis-Courmont

More information about the vlc-devel mailing list