[squeak-dev] #clearCredentials vs. ModificationForbidden

Marcel Taeumel marcel.taeumel at hpi.de
Thu Jun 11 06:23:20 UTC 2020

Hi Chris.

> There's an opportunity to improve the system by mere deletion.

Well ... Monticello needs file-system access anyway for the package-cache. So, I think you are right. :-)

Am 11.06.2020 03:22:00 schrieb Chris Muller <asqueaker at gmail.com>:
Hi Marcel,

this reads like the central password-safe storage Tobias proposed earlier in this thread. 

Okay, but #userAndPasswordFromSettingsDo: exists and works now.  There's an opportunity to improve the system by mere deletion.
That storage can be in the file system anyway or use a dedicated interface to the VM to wipe its contents from the object space.

Except we're not wiping the contents on image save, so everyone's passwords are being left in dozens of images.  People reuse sensitive passwords.  We should care about that.
I would rather not hard-code it to always rely on file-system access though. :-) Squeak runs without even having access to .changes file.

For this, please prioritize for security first.  Monticello doesn't run without the filesystem.  We have an easy opportunity to better safeguard private user data, is there something else that's rubbing you wrong about this idea?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squeakfoundation.org/pipermail/squeak-dev/attachments/20200611/715cfdc1/attachment.html>

More information about the Squeak-dev mailing list