| Summary: | New % placeholder representing full SMB path including password | ||
|---|---|---|---|
| Product: | [Applications] systemsettings | Reporter: | lorenzo |
| Component: | kcm_filetypes | Assignee: | David Faure <faure> |
| Status: | RESOLVED INTENTIONAL | ||
| Severity: | wishlist | CC: | nate, plasma-bugs-null |
| Priority: | NOR | ||
| Version First Reported In: | 5.20.2 | ||
| Target Milestone: | --- | ||
| Platform: | Manjaro | ||
| OS: | Linux | ||
| Latest Commit: | Version Fixed/Implemented In: | ||
| Sentry Crash Report: | |||
|
Description
lorenzo
2020-11-21 00:52:33 UTC
This would have to be proposed at the FreeDesktop level as there is a spec governing such things: https://specifications.freedesktop.org/desktop-entry-spec/desktop-entry-spec-latest.html Regarding the particular issue you're trying to resolve, installing kio-fuse should do it. :) Proposed here: https://gitlab.freedesktop.org/xdg/xdg-specs/-/issues/69 David Faure, from the Desktop Entry Specification team, answered: «This is very unsecure, all other users on the system can use ps to see the password. That's the reason why it's not done this way. Also, the Desktop Entry Specification (https://specifications.freedesktop.org/desktop-entry-spec/desktop-entry-spec-latest.html) doesn't say that the password should be removed so this is more of a KDE question than a freedesktop spec topic IMHO.» So maybe the best solution on the KDE side would be to provide an «Add share password to the URL» checkbox, maybe with a warning about the security issue, to let the user choose? The KDE solution is to use kio-fuse which transparently handles this exact use case without the need to expose any passwords in plaintext. So there's no reason to implement the proposal as it is redundant with an existing approach that solves the problem, just in a different way. :) |