![]() In particular, when you can get the source code, personally audit it, build the app - and then trust it completely. The most secure approach is the one where you don’t have to trust the developer. The consensus was: “open source is the best (although not perfect) proof”. ![]() (The reference is not a simple file path or URL: it allows one specific app to access one specific file only.)īy the way, for a direct access to the cloud storage KeePassium would need your storage credentials - which the app never asks for.Īs for how to prove the absence of backdoors - yes, I have spent quite a long time contemplating this and even asked the community how that could be done. Once you pick a file, the system returns control to KeePassium, along with a special reference to the selected file. The file picker is a system process that has the privileges to communicate with the cloud provider apps. The system takes control, sends the app to background, and shows you the standard file picker interface (similar to the Files app). Specifically, when you press “Add database” in KeePassium, the app tells the system: “please ask the user to select a file“. To access external files, KeePassium uses the document picker mechanism provided by the system. Thanks!īy default, all iOS apps can access files only inside their system-enforced sandbox. Give it a try and let me know what you think - especially if there are any issues or missing features. KeePassium is also open source, available under the GPL v3 license - because you asked (hat tip to /u/crimoniv for showing me the way). Looks too good to be true? Not quite yet.
0 Comments
Leave a Reply. |