[vlc-devel] [PATCH 01/13] keystore: add b_secure

Thomas Guillem thomas at gllm.fr
Fri Feb 26 10:03:04 CET 2016

On Wed, Feb 24, 2016, at 18:12, Rémi Denis-Courmont wrote:
> Le 2016-02-24 15:25, Thomas Guillem a écrit :
> > All keystore modules are secure except the plaintext one.
> Oh come on. Ten years on, have we not learnt to be responsible and 
> careful about what we do? This software is used by tens, if not hundreds 
> of millions of people. We cannot just blindly put features above all 
> else.
> Like Denis said, we do NOT store clear text credentials in persistent 
> storage. Ever.
> Maybe you can read/write them as clear-text if you know that the 
> underlying file system is ciphered and the operating system separates 
> applications. But that would still qualify as "secure". So no flags.

Yes, this is the case for android. Ok, I'll do without this flag.

> -- 
> Rémi Denis-Courmont
> http://www.remlab.net/
> _______________________________________________
> vlc-devel mailing list
> To unsubscribe or modify your subscription options:
> https://mailman.videolan.org/listinfo/vlc-devel

More information about the vlc-devel mailing list