gnome-keyring keyring - unlocks if I change or remove the password in /etc/shadow?



What happens if I change my password by modifying the /etc/shadow file or I flat out remove the user password from the file?

If it unlocks as usual then that's a big security flaw, as if my computer gets stolen the thief can easily get access to all of my passwords stored on the machine, as he can easily remove the hash from shadow and log in without the password or generate his own pass.

And what happens if he instead gets root access and changes my pass (pass of another user) using one of the password changing commands available to root? Will it automatically change the pass of the keyring too?

Haven't tested this, but probably will to see what happens when I have a free hour or so. The ideal scenario would be that whenever the user login pass is changed GNOME keyring would prompt with a popup for the user to insert the old pass and then retype the new user pass - that way an attacker can't get access to the keyring if he doesn't know the actual login password (let's presume that the pass can't be found in any rainbow tables).

Best regards,
Marek Andreansky

