Closed Bug 1393151 Opened 4 years ago Closed 3 years ago
Remove the "Master Password Timeout" feature from Sea
In bug 1393143 we're removing some interface methods and attributes that aren't used in Firefox (or Thunderbird, or that matter). Among these are nsIPK11Token.getAskPasswordTimes, getAskPasswordTimeout, and setAskPasswordDefaults. Apparently these are actually used in SeaMonkey to implement the "Master Password Timeout" feature (Preferences -> Privacy & Security -> Master Passwords). I'm having a hard time coming up with a reasonable threat model under which this provides any useful security, so I think it should be removed. If it's necessary to have, it can be reimplemented in code that lives in SeaMonkey itself rather than mozilla-central.
Assignee: nobody → frgrahl
Status: NEW → ASSIGNED
Attachment #8918587 - Flags: review?(iann_bugzilla)
Summary: remove or reimplement the "Master Password Timeout" feature → Remove the "Master Password Timeout" feature from SeaMonkey
Comment on attachment 8918587 [details] [diff] [review] 1393151-MasterPasswordTimeout.patch LGTM r=me I know it is not within the scope of this bug but Master Passwords and Passwords pref panels are looking very sparse these days, maybe they could be merged?
Attachment #8918587 - Flags: review?(iann_bugzilla) → review+
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/comm-central/rev/71125f414176 Remove "Master Password Timeout" feature from SeaMonkey preferences. r=IanN
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
The last commit got my attention because of the following: > + <li><strong>Log In</strong>: Log into the selected security device.</li> > <li><strong>Log Out</strong>: Log out of the selected security device. After Please note that to "log in" is a verb - even a phrasal verb - a "login" is a noun. That means the following: - One cannot "login" to something, but one can "log in" (or be "logged in") to something instead. - One cannot "log into" (or be "logged into") something either in the above context - phrasal verbs do not allow their "in" part to be combined with a following "to", as their meaning will simply change. One can however "[dive] into" a pool, an application can "[log] into" a log file, or one can "paste a log into a textarea". Getting access to a website or other computer environment or device is by no means a justification to see this in another way. This has come up in other bugs and is / should still be mentioned in the Sumo  and MDN , (or any other) style guide respectively. The same thing applies to "sign in (to)". Afaict, Firefox and Thunderbird are not affected. I’d suggest to file a separate bug for fixing all instances of "log into" and "logged into" in SeaMonkey (currently 6 in Help files). I’m willing to do so if no-one else is or has time.  https://support.mozilla.org/en-US/kb/write-articles-knowledge-base#w_style-guide-and-copy-rules  https://www.mozilla.org/en-US/styleguide/communications/copy-rules/  https://developer.mozilla.org/en-US/docs/Archive/B2G_OS/Firefox_OS_apps/Copy_styleguide
Ton if you do a patch I would be happy to review it. Just a bit swamped right now to do it myself.
OK, do you want me to attach it to this bug, or file a new one?
Please file a new one. Big thanks.
Comment on attachment 9041008 [details] [diff] [review] 1393151-2-nitfix.patch a=me
Attachment #9041008 - Flags: approval-comm-esr60? → approval-comm-esr60+
Pushed by email@example.com: https://hg.mozilla.org/comm-central/rev/21f33d20f2a1 Follow-up: Fix missing closing sequences and correct text in help file. r=me
Comment on attachment 9041008 [details] [diff] [review] 1393151-2-nitfix.patch https://hg.mozilla.org/releases/comm-esr60/rev/83b716a07abf262438c6002b97e3314b553a5f9b Follow-up: Fix missing closing sequences and correct text in help file. r=me a=IanN
You need to log in before you can comment on or make changes to this bug.