Re: GNOME keyring unlocking

On Thursday, 10 October 2013 at 14:26 +0300, p10 wrote:
Thanks for the explanation, so the problem is not trivial. But it
still stands - people are setting empty passwords to avoid entering a
password every time, and the auto-login option becomes practically obsolete
when using the keyring. So where do I further the discussion on that - a
bug, a blueprint?
What are you asking for exactly? To encrypt your keyring using a
password you do not need to type at all? ;-)

If you want to secure your keyring, you'll have to type, at some point,
some secret information that is not stored on the system. If you don't
need to do that, anybody could access your keyring. So that's really not
an implementation issue, that's a logical one.



On Thu, 2013-10-10 at 11:33 +0100, Simon McVittie wrote:
On 10/10/13 11:13, p10 wrote:
autologin doesn't unlock the keyring. I think I
understand more or less why that's happening

The reason is: libpam-gnome-keyring needs your password to decrypt the
keyring. Without your password, it just doesn't have enough information.

Now my first question is - how does GDM store the password to autologin
a specific user?

It doesn't. GDM (or at least, enough of GDM) is a privileged process
running as root with full capabilities, and can do whatever it has been
configured to do, including changing its uid to you without asking for a
password first.

Login processes *usually* prompt for, and check, an "ordinary password"
first - but that's not required. They can equally well use a
one-time-password scheme like OATH[1], query a fingerprint reader[2], or
just say "yes" regardless[3]. When GDM has been configured to
auto-login, its policy for that user's login is "just say yes".

when AFAIK the kernel handles user login services

The kernel doesn't handle user login services (at least, not on typical
Unix OSs like Linux and *BSD). The kernel allows processes with
appropriate capabilities[4] to become another user. That's all gdm has
to do.


[1] more secure than ordinary passwords
[2] not actually very secure
[3] not at all secure
[4] approximately "running as root", although on a modern system,
    Linux capabilities (POSIX.1e draft capabilities) are also involved

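To make the "logical, not implementation" point concrete, here is an added toy model (not GNOME, GDM or PAM code) of the two login policies discussed above: the keyring key is derived from the login password, so the "just say yes" autologin policy opens a session but has nothing to derive that key from, and an empty keyring password gives anyone the key. The stream cipher, the `login` function and the sample secret are constructed for illustration only.

```python
import hashlib
import hmac
import os

def derive_key(password: str, salt: bytes) -> bytes:
    """Password -> keyring key. No password means no key can be derived."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

class Keyring:
    """Secrets sealed under a key derived from the (login) password."""

    def __init__(self, password: str, secret: bytes):
        assert len(secret) <= 32, "toy cipher: one SHA-256 keystream block"
        self.salt = os.urandom(16)
        key = derive_key(password, self.salt)
        self.check = hmac.new(key, b"check", hashlib.sha256).digest()
        self.blob = self._xor(key, secret)

    @staticmethod
    def _xor(key: bytes, data: bytes) -> bytes:
        # Constructed toy stream cipher, for illustration only.
        stream = hmac.new(key, b"keystream", hashlib.sha256).digest()
        return bytes(a ^ b for a, b in zip(data, stream))

    def unlock(self, password: str):
        """Return the secret, or None when the password does not match."""
        key = derive_key(password, self.salt)
        probe = hmac.new(key, b"check", hashlib.sha256).digest()
        if not hmac.compare_digest(probe, self.check):
            return None
        return self._xor(key, self.blob)

def login(policy: str, keyring: Keyring, typed_password=None):
    """Model of a login stack: returns (session_opened, keyring_secret_or_None).

    'password'  - the usual prompt; the typed password is handed on to the
                  keyring, as libpam-gnome-keyring does with the login password
                  (here the keyring password is assumed to equal it).
    'autologin' - GDM's "just say yes": the session opens with no password,
                  so there is nothing to derive the keyring key from.
    """
    if policy == "autologin":
        return True, None
    if policy == "password":
        secret = keyring.unlock(typed_password or "")
        return secret is not None, secret
    raise ValueError(f"unknown policy {policy!r}")
```

Running `login("autologin", kr)` opens the session with the keyring still locked, while `Keyring("", secret).unlock("")` shows that an empty password protects nothing.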
desktop-devel-list mailing list
desktop-devel-list gnome org
