Page 3 of 42 FirstFirst 1234513 ... LastLast
Results 21 to 30 of 413

Thread: Keyring passwords visible after login without second password prompt

  1. #21
    Join Date
    Sep 2006
    Location
    Central Europe
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Blatant security flaw much?

    Anyone care to share steps to reproduce?

    Besides I'm totally with replies #2, #3, and #15.
    The Power User’s Guide to Unity
    Questions about Ubuntu? Ask them at askubuntu.com!

  2. #22
    Join Date
    Mar 2009
    Location
    New Zealand
    Beans
    687
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: Blatant security flaw much?

    Quote Originally Posted by MacUntu View Post
    Anyone care to share steps to reproduce?

    Besides I'm totally with replies #2, #3, and #15.
    1. Restart your computer and login, make sure you never enter any passwords after your desktop has loaded. Don't do any sudoing or anything.

    2. Go to Applications > Accessories > Passwords and Encryption Keyrings

    3. Click on the 'login' folder to drop down and view programs that store data here.

    4. Double click on something you want to look at.

    5. Click Password to show some dots, then uncheck the box below the dots marked "Show password"

    6. Note that throughout this whole procedure, not once were you prompted to enter in anything that verifies you are authorized to view this information.

    Ways to solve: Change how this data is stored or prompt to enter in your user password to view your user data.
    Writer for OMG! Ubuntu!, Editor-in-Chief Ubuntu Gamer. Co-founder of media and software company Ohso.

  3. #23
    Join Date
    Sep 2006
    Location
    Central Europe
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Blatant security flaw much?

    I've asked because that's exactly what I did and I couldn't reproduce it. Do you have autologin enabled? Maybe an empty keyring password?
    The Power User’s Guide to Unity
    Questions about Ubuntu? Ask them at askubuntu.com!

  4. #24
    Join Date
    Sep 2009
    Beans
    52

    Re: Blatant security flaw much?

    Whats the point of having a keyring password when that password is never ever asked?

    Those who do not agree to having a choice for prompting for password, should remove their user passwords and remove even the option to have user login passwords. After all you guys are saying rely ONLY on physical security. Because according to your view, locking the screen is useless as well since anyone can access your data through a live CD/DVD.

  5. #25
    Join Date
    Sep 2009
    Beans
    52

    Re: Blatant security flaw much?

    Quote Originally Posted by MacUntu View Post
    I've asked because that's exactly what I did and I couldn't reproduce it. Do you have autologin enabled? Maybe an empty keyring password?
    Did it ask you to enter a password or just click the allow button?

  6. #26
    Join Date
    Sep 2006
    Location
    Central Europe
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Blatant security flaw much?

    Ha, got me - yes, I now can reproduce it. Autologin enabled, non-empty keyring password.
    The Power User’s Guide to Unity
    Questions about Ubuntu? Ask them at askubuntu.com!

  7. #27
    Join Date
    Mar 2009
    Location
    New Zealand
    Beans
    687
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: Blatant security flaw much?

    Hmm I don't have Auto login enabled. I'm pretty sure my keyring has a password, I just did a fresh install though... how to check?
    Writer for OMG! Ubuntu!, Editor-in-Chief Ubuntu Gamer. Co-founder of media and software company Ohso.

  8. #28
    Join Date
    Jun 2007
    Beans
    676

    Re: Blatant security flaw much?

    Quote Originally Posted by the.lost.one View Post
    Those who do not agree to having a choice for prompting for password, should remove their user passwords and remove even the option to have user login passwords. After all you guys are saying rely ONLY on physical security. Because according to your view, locking the screen is useless as well since anyone can access your data through a live CD/DVD.
    The keyring only allows the user, logged in, to access the passwords. A live CD/DVD wouldn't work.

    The Gnome keyring is based on three simple principles:

    1) If someone is logged in as user X, he is user X and has already proved his identity at login.

    2) If someone is not logged in as user X, he is not user X and cannot see the passwords of user X. That includes the live CD user.

    3) In the unlikely event that someone logged in as user X is NOT user X and has malicious intentions, the mere fact that this person is using user X's account is already a massive security hole as far as personal info is concerned. Imposing security restrictions for this situation is sacrificing usability for minimal security gain.

    For more info, see the security philosophy of Gnome keyring.

    If you disagree with this, go discuss in the keyring mailing list. But do not report bugs, this is by design.
    Last edited by Keyper7; October 27th, 2009 at 12:33 PM.

  9. #29
    Join Date
    Mar 2009
    Location
    New Zealand
    Beans
    687
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: Blatant security flaw much?

    Quote Originally Posted by Keyper7 View Post
    The keyring only allows the user, logged in, to access the passwords. A live CD/DVD wouldn't work.

    The Gnome keyring is based on three simple principles:

    1) If someone is logged in as user X, he is user X and has already proved his identity at login.

    2) If someone is not logged in as user X, he is not user X and cannot see the passwords of user X. That includes the live CD user.

    3) In the unlikely event that someone logged in as user X is NOT user X and has malicious intentions, the mere fact that this person is using user X's account is already a massive security hole as far as personal info is concerned. Imposing security restrictions for this situation is sacrificing usability for minimal security gain.

    For more info, see the security philosophy of Gnome keyring.

    If you disagree with this, go discuss in the keyring mailing list. But do not report bugs, this is by design.
    Thanks for clarifying. I guess this does make sense. But then why do I have to enter in my password for a whole host of other things, when I have already proved that it's me at login?

    And also, Ubuntu can run for a long amount of time without being rebooted or logged in/out, so surely there should be some sort of timer, perhaps 3 hours, where the user needs to re-prove that it is still the correct user when he/she tries to access seahorse passwords in the keychain.

    All I'm saying is that it would be simple to add in a prompt for you to enter in your user password before you are allowed to see the passwords for these things.

    The email account and password in particular is very sensitive and important to most people, so more should be done to protect any access to these sorts of user details.

    Just my opinion.
    Writer for OMG! Ubuntu!, Editor-in-Chief Ubuntu Gamer. Co-founder of media and software company Ohso.

  10. #30
    Join Date
    May 2007
    Location
    UK near Bedford
    Beans
    3,481
    Distro
    Ubuntu Development Release

    Re: Blatant security flaw much?

    I find this to be poor security because it assumes that the security level of passwords stored on the machine relate to the level of security of the machine itself.

    e.g. Lets say a user is working in an open environment where colleagues and passers by will have intermittent access - say while the person goes for a coffee. This is ok because a) the user is never away very long and b) there is no secure information on the actual machine.

    However there may be times when the user accesses a more secure environment, say a particular WiFi network, located elsewhere, even his own personal network at home. Under these circumstances a casual viewer can easily gain access to passwords and keys.
    PC

    To get a terminal command to put its output into a file use this format
    {terminal command} > {filename}

Page 3 of 42 FirstFirst 1234513 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •