Bug 435015 – Use gnome-keyring secure memory API

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 435015 - Use gnome-keyring secure memory API


Summary:	Use gnome-keyring secure memory API


Status:	RESOLVED FIXED

Product:	seahorse
Classification:	Applications
Component:	general
Version:	unspecified
Hardware:	Other Linux

Importance:	Normal normal
Target Milestone:	2.20.0
Assigned To:	Seahorse Maintainer
QA Contact:	Seahorse Maintainer

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2007-05-01 21:04 UTC by Sebastian Dröge (slomo)
Modified:	2007-11-11 16:37 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
Use gnome-keyring for secure memory. (34.55 KB, patch) 2007-08-21 03:19 UTC, Stef Walter	committed	Details \| Review

Description Sebastian Dröge (slomo) 2007-05-01 21:04:11 UTC

Hi,
the current mlock() check fails if called as root (or with fakeroot or similar tools). This breaks on all kinds of package autobuilders like used for Debian and Ubuntu.

Instead of checking for uid==0 it would be better to just check the kernel version number, kernels greater than 2.6.8 support mlock() as normal user.

Bye

Comment 1 Stef Walter 2007-05-10 23:49:49 UTC

I'm not sure we can do that. What about OS's other than Linux?

Comment 2 Sebastian Dröge (slomo) 2007-05-11 04:09:23 UTC

No idea... but this check should probably be moved to runtime in any way. The build environment and runtime environment could be complete different in many aspects that effect mlock().

Comment 3 Stef Walter 2007-08-21 03:19:19 UTC

The only reason that the check is done, is so that we can avoid installing the programs setuid root. 

But I agree this is ancient and unneeded legacy stuff.

Attached is a patch which makes seahorse use the secure memory API exposed by gnome-keyring. This is far more modern and resilient, and doesn't entertain silly ideas of setuidness.

Comment 4 Stef Walter 2007-08-21 03:19:46 UTC

Created attachment 94033 [details] [review]
Use gnome-keyring for secure memory.

Comment 5 Adam Schreiber 2007-08-21 15:41:58 UTC

Looking at the patch, this makes gnome-keyring a hard dependency like gpg and gpgme correct?

Comment 6 Stef Walter 2007-08-22 15:46:56 UTC

Yes, that would be the case. Given that gnome-keyring will be providing an X509 certificate store, it'll make sense to have a hard dependency to it. At least it seems that way now. But we can revisit this at the next release cycle, if needed.

Comment 7 Adam Schreiber 2007-10-29 17:07:03 UTC

Stef,

Could you please regenerate this patch as it no longer applies cleanly?

Comment 8 Adam Schreiber 2007-11-11 16:37:19 UTC

Committed.  I found the time to straighten out the rejected hunks.

2007-11-11  Adam Schreiber  <sadam@clemson.edu>

    * src/seahorse-key-dialogs.h:
    * src/seahorse-key-manager.c:
    * src/seahorse-gkeyring-operation.c:
    * src/main.c:
    * src/Makefile.am:
    * INSTALL:
    * plugins/nautilus/seahorse-tool.c:
    * plugins/applet/seahorse-applet.c:
    * configure.in:
    * agent/seahorse-agent-actions.c:
    * agent/seahorse-agent-cache.c:
    * agent/seahorse-agent-status.c:
    * agent/seahorse-agent-main.c:
    * libseahorse/seahorse-secure-memory.c:
    * libseahorse/seahorse-secure-memory.h:
    * libseahorse/seahorse-ssh-operation.c:
    * libseahorse/seahorse-prefs-cache.c:
    * daemon/seahorse-daemon.c: Use secure memory from gnome-keyring.  Patch
    from Stef Walter.  Fixes bug #435015