Revelation password manager issue
kevin at scrye.com
Thu Jun 14 14:42:47 UTC 2012
On Thu, 14 Jun 2012 07:40:50 -0500
Josh Bressers <josh at bress.net> wrote:
> Hello all,
> I suspect this is going to be a weird problem to figure out.
> Relevation password manager
> Password Manager
> Has been found to be unsafe.
> I would hope it gets fixed at some future point, but something should
> probably be done in the short term.
> I'm not sure what Fedora precedent is on issues like this. We can't
> really revoke such a package, and we also want to give users a warning
> to use a different password manager (I'm not entirely sure how to best
> do this).
> Does anyone have any thoughts?
Sad ones. ;(
- Push out an update that adds a big warning dialog to the package
pointing to the issues
- Obsolete the package with another password manager thats more secure.
This is not very ideal though as it's unlikely to have the same
features and so on.
- Update the package with a readme, etc on the issue, replacing the
binary. This is non ideal as it's removing functionality (all be it
I guess I would say the first option is the best, but thats something
that the maintainer(s) of the package should put together, or at least
agree with someone creating.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: not available
More information about the devel