Re: gnome-keyring Why does -ask ship a copy of GtkEntry ?

From: Stef <stef-list memberwebs com>
To: Matthias Clasen <matthias clasen gmail com>
Cc: gnome-keyring-list gnome org
Subject: Re: gnome-keyring Why does -ask ship a copy of GtkEntry ?
Date: Fri, 9 Jan 2009 06:25:33 +0000 (UTC)

Matthias Clasen wrote:
> Hmm, I doubt this adds any real security advantages. After all, you
> are still loading modules like theme engines, etc, which can easily
> steal the content of your non-pageable memory. And you are using
> regular X, allowing anybody to sniff the key events that are used to
> fill your 'secure' entry.

Yes for sure, trying to protect against malicious attempts to get the
password is a currently a joke on a linux desktop. Protecting against
that is a 'would be nice at some point in the future' goal, but nothing
we're putting serious effort into right now.

However, this isn't about malicious attempts. In every day use pageable
memory can get written to the disk (ie: in the swap file). This
obviously defeats security measures like encrypting of the keyring, GPG
passwords, SSH passwords etc...

As I explained earlier, I don't have a working patch for GtkEnty that
implements a use of a single buffer for its text. I tried but gave up on
patching GtkEntry because I didn't have the necessary know how.

A second approach for changing GtkEntry to support non-pageable memory
would be an option to pass it a vtable of allocation functions.

Cheers,

Stef

References:
- gnome-keyring Why does -ask ship a copy of GtkEntry ?
  - From: Matthias Clasen
- Re: gnome-keyring Why does -ask ship a copy of GtkEntry ?
  - From: Stef
- Re: gnome-keyring Why does -ask ship a copy of GtkEntry ?
  - From: Matthias Clasen

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]