GNOME Bugzilla – Bug 784269
Say which application wants access to the keyring
Last modified: 2017-06-29 04:09:58 UTC
$ ephiphany some_site user logs in and chooses to save password and is then presented with "An application wants access to the keyring 'Default', but it is locked" Say what application. Don't just say "An application". Maybe this will help you assign this bug to the right application: (WebKitWebProcess:2290): GLib-CRITICAL **: g_variant_new_string: assertion 'string != NULL' failed ** Message: Remote error from secret service: org.freedesktop.Secret.Error.IsLocked: Cannot create an item in a locked collection Seen when the user finally gives up guessing what password to type in. Why does the user need to know what application? Well it might be "Evil other application". Or the user might want to report a bug against the application.
I think there are two bugs here: (1) The bug as reported: it's not clear which application is trying to access the keyring. This is a valid complaint. It's not an Epiphany bug, though. gnome-shell presents the prompt, so I'll move this bug report to gnome-shell. Unfortunately, I don't think it has any way to know which application is requesting the unlock, so it's going to require some architectural changes in the D-Bus interface to fix. That's not to mention the question of how to perform process attestation so that malicious applications can't pretend to be other applications, which is a very tricky problem in itself. (2) The critical warning that you've posted is most likely an Epiphany bug. Epiphany should be able to handle the keyring being locked without printing critical errors. Could you file a new bug report for this so we can track it separately, and include a backtrace taken with G_DEBUG=fatal-criticals like before? I know it looks very similar to bug #784170, but I think it's actually two different bugs that result in a similar error message. Let's avoid discussing (2) further in this bug, to avoid cluttering it. (Thanks again for reporting all these bugs. You're hitting a bunch of cases that probably don't get tested much.)
Also nowhere does the message say that "gnome" has anything to do with it. E.g., when chromium or firefox ask for master passwords or whatever, they be sure the branding is somewhere on their message. So when we get this anonymous prompt, we assume it must be from the browser we started, epiphany. But we sure would like to see some branding, so we know who to blame/google for. Indeed, the user has never typed "gnome" when installing epiphany nor in his entire life, even when installing Debian.
Note: this is almost the same as bug #688351, except this request is for the keyring unlock dialog rather than Polkit authorization prompts.
Yes I am glad I found your small *maintained* browser. The others I tried were not as maintained.
(In reply to Michael Catanzaro from comment #3) > Note: this is almost the same as bug #688351, except this request is for the > keyring unlock dialog rather than Polkit authorization prompts. It's actually the same as bug 574315 - the labels used in the gnome-shell dialog are all provided by gnome-keyring-daemon, not the shell. *** This bug has been marked as a duplicate of bug 574315 ***
Note: we decided in bug #688351 that this dialog was displayed by gcr, not gnome-shell.
OK I got a screenshot! How did I do it? $ import -pause 222 -window root /tmp/m.jpg& $ epiphany some_site_where_I_login.com Then around 100 seconds later I have the situation on my screen and I just take a break and let the timer expire...
Created attachment 354664 [details] screenshot of being forced to enter password with no way to type into any other window
Comment on attachment 354664 [details] screenshot of being forced to enter password with no way to type into any other window I made it with $ import -pause 222 -window root /tmp/m.jpg & epiphany some_site.com the only way to do it is with pause, as by that time one cannot type to other windows.
(In reply to Michael Catanzaro from comment #1) Yes your issue 2 will probably go away once bug #784170 is solved.