GNOME.org
 

gnome-keyring Gnome keyring security

Hello,

I'm new to this list, but it was recommended I discuss the following here before bringing it back to the Fedora lists. Below is the message I sent to the Fedora mailing list:

---------- Forwarded message ---------
From: Christopher <ctubbsii-fedora apache org>
Date: Thu, Jan 21, 2016 at 3:38 PM
Subject: Gnome keyring security in Fedora
To: Development discussions related to Fedora <devel lists fedoraproject org>


I've been thinking about Gnome keyring a lot lately, and I have concerns about security, and I don't know if this is a Gnome keyring problem, or a problem affecting Fedora specifically.

In short, it doesn't look like Gnome keyring has the ability to notify a user interactively when a password is read from an unlocked keyring (or to dynamically unlock it with a master passphrase upon request). Is this correct? If so, it puts it behind NSS features that Firefox and other apps use to store passwords and other credentials. However, if it's just something specific which isn't packaged for Fedora, or isn't installed by default, that would be very good to know.

In the past, seahorse-plugins provided a gpg-agent with a tool for configuring cache preferences. It looks like seahorse-plugins is no longer packaged for Fedora, and gpg2 integrates with seahorse/gnome keyring differently (I don't know how). At least for GPG passphrases, this provided some UI to notify the user upon programmatic access to the cached credentials, and provided an notification icon whenever the cache was non-empty. It also provided a customizable timer for the cache.

Although they didn't help for non-GPG credentials, these features of seahorse-plugins provided important (essential, I would say) security for a GPG credential cache (and, I would argue, essential for any private credential store). However, these appear to have been lost in Fedora, making Fedora less secure. Does anybody know about this? Do these features have replacements which I'm not aware of? If so, why aren't they installed in Fedora by default?

Is this downgrade in security a Fedora problem, or is it a Gnome problem, or a seahorse problem? Are there alternatives? NSS seems to be getting some of this right, but doesn't have good integration with Gnome/Seahorse/GPG.

Thoughts?

--
Christopher
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]