Bug 324674 – Hide/Remove System Notification Icon (seahorse-agent)

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 324674 - Hide/Remove System Notification Icon (seahorse-agent)


Summary:	Hide/Remove System Notification Icon (seahorse-agent)


Status:	RESOLVED FIXED

Product:	seahorse
Classification:	Applications
Component:	Daemon
Version:	unspecified
Hardware:	Other All

Importance:	Normal enhancement
Target Milestone:	---
Assigned To:	Seahorse Maintainer
QA Contact:	Seahorse Maintainer

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2005-12-21 04:52 UTC by Mike Ginou
Modified:	2006-12-11 17:49 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
provides functionality (3.73 KB, patch) 2006-03-10 04:26 UTC, Adam Schreiber	reviewed	Details \| Review

Description Mike Ginou 2005-12-21 04:52:27 UTC

The notification icon displayed by seahorse-agent when there is a key currently
in the cache offers precious little functionality. I does allow a user to
prematurely clear the cache, however, since I can easily set the expiry via the
preferences dialogue, this seems to be of limited use.

Some will argue that it is best to remind the user that the cache exists and
represents a security risk. However, since the cache does not enable signing,
the security breach relates only to encrypted content. Presumably the content is
not of absolute vital secrecy, or the passphrase cache would be disabled
altogether. Since the agent has to be activated by the user (either manually, or
by adding it to their session startup programs), users are likely to be aware of
the passphrase caching.

The enhancement request is for either A) a preferences setting allowing the
notification icon to be enabled/disabled or B) preferably simply removing the
icon altogether.

In order to ensure that the passphrase cache can be easily disabled, this
enhancement should also probably include a change so that when the cache is
disabled in the preferences window, any running seahorse-agent process is killed.

Comment 1 Stef Walter 2005-12-21 17:29:39 UTC

The cache does enable signing, AFAIK. GPG doesn't differentiate between the requests it sends to it's agent process.

Comment 2 Mike Ginou 2005-12-21 18:12:36 UTC

(In reply to comment #1)
> The cache does enable signing, AFAIK. GPG doesn't differentiate between the
> requests it sends to it's agent process. 

Really? My experience has been that I can multiple messages after entering my passphrase, however the seahorse-agent passphrase-entry window pops-up every time I want to sign. For what it's worth, I think that is a good thing. You probably should have to enter your passphrase in order to sign things. Just like you have to use a pen for traditional signatures (well, copy machines and those automated signing machines aside).

As a side note, the GnuPG-Agent program has an option that enables exactly this behaviour, so it certainly seems reasonable to believe that seahorse-agent might support the same behavious.

Comment 3 Stef Walter 2006-01-02 16:34:13 UTC

Interesting. Although I don't see that behavior myself (signing passphrase is cached for me) I can see your point. I guess we should look into this.

Comment 4 Adam Schreiber 2006-03-10 04:26:03 UTC

Created attachment 61017 [details] [review]
provides functionality

This patch allows the user to disable the cache reminder in the notification area.  No UI is currently provided as I agree the functionality should exist but it's maybe not worth putting in the preferences.  Let me know if UI is really needed and I'll add it to seahorse-preferences.

Toggle /apps/seahorse/agent/cache_display.

Comment 5 Stef Walter 2006-03-10 05:41:33 UTC

Good call. I agree. Two things:

 * I'd rename the key to something like 'display_status' to make it a bit clearer.
 * We can monitor /apps/seahorse/agent/ instead of doing two gconf monitors.

Comment 6 Mike Ginou 2006-03-10 14:39:22 UTC

Seems reasonable to me. I don't think a UI is needed for this feature, though hopefully it is documented somewhere? 

I wonder if turning the display off might be a more reasonable default though. Does the display of the existence of the cache actually affect a user's experience? It seems unlikely to me. I would liken the cache to the use of sudo. Knowing that sudo caches my authentication in no way affects how I use sudo, it just means that I sometimes won't have to retype my password.

Likewise, being able to see that the cache is active isn't likely to affect how a user uses seahorse. They will simply encrypt/decrypt/sign files as they always do.

Comment 7 Adam Schreiber 2006-03-11 02:49:47 UTC

I'm not quite sure how to monitor a given path, it seems like there's a gconf_client_add_dir but it doesn't have a callback function like gconf_client_notify_add, that seahorse_gconf_notify wraps, does.  Suggestions? Patches?

Comment 8 Stef Walter 2006-03-11 03:58:21 UTC

Basically the same way you monitor a key. Something like this will do the trick (in the appropriate places):

#define SETTINGS_AGENT "/apps/seahorse/agent/"
seahorse_gconf_notify (SETTINGS_AGENT, gconf_notify, NULL);

Comment 9 Adam Schreiber 2006-03-11 05:09:03 UTC

I had done that before I asked and it wasn't working.  I then ran it as seahorse-daemon --no-daemonize and it worked.  This is the same kind of thing happening with Bug #304569.  Why is stuff working properly when not daemonized but not when run as a daemon?

Comment 10 Stef Walter 2006-12-11 17:49:17 UTC


2006-12-11  Nate Nielsen  <nielsen@memberwebs.com>

    * agent/seahorse-agent-status.c:
    * agent/seahorse-agent.c:
    * agent/seahorse-agent.h:
    * data/seahorse.schemas.in: Add ability to hide tray icon for cached
    secrets. Fixes bug #324674