Comment 2 for bug 276517

On reflection the patch suggested there would only partially resolve the security concerns -- the only client application (gstm) would no longer use gaskpass but gaskpass would still be installed. A further fix would actually remove gaskpass from the system or fix the behavior identified here (and several other behaviors mentioned as gaskpass bugs within gstm).