diff options
author | Robin Krahl <robin.krahl@ireas.org> | 2018-06-07 00:41:20 +0200 |
---|---|---|
committer | Robin Krahl <robin.krahl@ireas.org> | 2018-06-07 00:41:20 +0200 |
commit | f95e2be7422243bbbb07ae07f6b026bd6d578099 (patch) | |
tree | 81f98fffe8c89b19e82eb9e28ff0d6b1a7a7c2a4 /TODO.md | |
parent | 22e378677d5b00a05c021dc6660651608b384e0d (diff) | |
download | nitrokey-rs-f95e2be7422243bbbb07ae07f6b026bd6d578099.tar.gz nitrokey-rs-f95e2be7422243bbbb07ae07f6b026bd6d578099.tar.bz2 |
Remove NK_lock_device call from PasswordSafe::drop
When enabled, the password safe can be used without authentication. The
lock device can be used to lock the password safe. Currently,
PasswordSafe::drop calls this command to make sure that other
applications cannot access the password safe without authentication.
On the Nitrokey Storage, locking the device may also disable the
encrypted or hidden volume. As using the password safe should not have
side effects on the storage volumes, this patch removes the call to the
lock device command from the Drop implementation. Instead, the user
should call this method after making sure that it does not have side
effects.
A feature request for a command that only locks the password safe
without side effects is submitted to the Nitrokey Storage firmware
repository:
https://github.com/Nitrokey/nitrokey-storage-firmware/issues/65
Diffstat (limited to 'TODO.md')
-rw-r--r-- | TODO.md | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -35,6 +35,9 @@ - Differentiate empty strings and errors (see `result_from_string`). - Check integer conversions. - Consider implementing `Into<CommandError>` for `(Device, CommandError)` -- Check error handling in PasswordSafe::drop(). +- Lock password safe in `PasswordSafe::drop()` (see [nitrokey-storage-firmware + issue 65][]). - Disable creation of multiple password safes at the same time. - Check timing in Storage tests. + +[nitrokey-storage-firmware issue 65]: https://github.com/Nitrokey/nitrokey-storage-firmware/issues/65 |