Lock tray Icon

Archived discussion about features (predating the use of Bugzilla as a bug and feature tracker)

Moderator: Moderators

Locked
SasMan
Posts: 15
Joined: 2004-03-06 17:31

Lock tray Icon

Post by SasMan » 2004-07-05 17:34

Well, as it says in the subject line, it would be nice if you could lock dc++ att the tray, so when you want to open it, it asks for a password.
SasMan

Twink
Posts: 436
Joined: 2003-03-31 23:31
Location: New Zealand

Post by Twink » 2004-07-05 17:37

the only problem is see with this idea is that if the user still has access to read settings.xml they can find the password out with no effort. unless someone feels like making a oneway hash or storing it in a different place....

TheParanoidOne
Forum Moderator
Posts: 1420
Joined: 2003-04-22 14:37

Post by TheParanoidOne » 2004-07-05 18:27

Why would you want this feature?
The world is coming to an end. Please log off.

DC++ Guide | Words

Gasman1015
Posts: 184
Joined: 2003-05-26 11:29
Location: UK

Post by Gasman1015 » 2004-07-05 18:29

Twink wrote:the only problem is see with this idea is that if the user still has access to read settings.xml they can find the password out with no effort. unless someone feels like making a oneway hash or storing it in a different place....
I think you are looking too deep into it Twink, maybe Sasman only wants to prevent it from being opened by non techies.

Big mistake to hide the password to well, think of all the future whining when they forget the password. :wink:
Always remember you're unique, just like everyone else.

SasMan
Posts: 15
Joined: 2004-03-06 17:31

Post by SasMan » 2004-07-06 08:52

Just like Gasman says. I just want to prevent people like my sister, to open my dc.
SasMan

GargoyleMT
DC++ Contributor
Posts: 3212
Joined: 2003-01-07 21:46
Location: .pa.us

Post by GargoyleMT » 2004-07-06 11:07

Use XP and have separate users.

Twink
Posts: 436
Joined: 2003-03-31 23:31
Location: New Zealand

Post by Twink » 2004-07-06 20:38

GargoyleMT wrote:Use XP and have separate users.
Agreed, using Fast User switching makes alot more sense.

cyberal
Posts: 360
Joined: 2003-05-16 05:42

Post by cyberal » 2004-07-16 04:11

I wanted this feature before too, everyone doesn't have XP or want to have to log in/log out every time you leave the computer.. just want to minimize DC and prevent his little sister from messing with it.. It's a valid reason.. and I think you dismiss it way too fast.. like Gasman say.. we're not looking for any security here.. it's just the non-techies we want kept out.. it doesn't even have to be a password.. could be a key-combination or something like that too...
http://whyrar.omfg.se - Guide to RAR and DC behaviour!
http://bodstrom.omfg.se - Bodströmsamhället, Länksamling om hoten mot vår personliga integritet

GargoyleMT
DC++ Contributor
Posts: 3212
Joined: 2003-01-07 21:46
Location: .pa.us

Post by GargoyleMT » 2004-07-16 19:35

cyberal wrote:It's a valid reason.. and I think you dismiss it way too fast..
No, it's a far less useful feature than most of those in the Feature Tracker. And I really do believe that XP's user switching accomplishes the goal a lot better than a fully-assed password protection feature in DC++.

PseudonympH
Forum Moderator
Posts: 366
Joined: 2004-03-06 02:46

Post by PseudonympH » 2004-07-16 20:53

GargoyleMT wrote:fully-assed
I'd like to thank you for increasing my vocabulary.

cyberal
Posts: 360
Joined: 2003-05-16 05:42

Post by cyberal » 2004-07-19 02:36

the point was that his doesn't have to be "fully-assed"..
http://whyrar.omfg.se - Guide to RAR and DC behaviour!
http://bodstrom.omfg.se - Bodströmsamhället, Länksamling om hoten mot vår personliga integritet

cologic
Programmer
Posts: 337
Joined: 2003-01-06 13:32
Contact:

Post by cologic » 2004-07-19 09:31

Deceptively weak security is worse than none, as it encourages reliance upon a trivially circumvented measure, setting users up to be rudely surprised when it's 'broken'.

GargoyleMT
DC++ Contributor
Posts: 3212
Joined: 2003-01-07 21:46
Location: .pa.us

Post by GargoyleMT » 2004-07-19 19:32

cyberal wrote:the point was that his doesn't have to be "fully-assed"..
I think, by definition, that a password prompt when you try to restore a window is by definition half/fully assed security. Especially since the password will be in DCPlusPlus.xml in plaintext (or in salted TTH form), and can easily be changed or removed.

Thus, I agree:
cologic wrote:Deceptively weak security is worse than none, as it encourages reliance upon a trivially circumvented measure, setting users up to be rudely surprised when it's 'broken'.

Locked