GNOME Bugzilla – Bug 772721
Add cleartext password support without libsecret
Last modified: 2018-10-28 22:26:15 UTC
If no libsecret agent like gnome-keyring is installed, geary crashes on startup like reported here: https://forums.freebsd.org/threads/50155/. This is how I discovered that there is currently no support for storing clear text passwords directly in the geary.ini file which is kind of annoying when you already use an encrypted harddrive. I'd be very glad if you could add this feature or even make libsecret an optional build dependency. Jannis
Hi Jannis, thanks for reporting this issue. Doing a better job of notifying people when there aren't any libsecret providers installed is covered by Bug 743839, and either it really shouldn't crash. Supporting pluggable auth mechanisms is part of Bug 768975, so this may be enabled by that work. Note however that having an encrypted hard drive won't prevent people/processes from snooping on your passwords if the machine has booted, so there is still merit in encrypting passwords even when you have an encrypted hard disk/home partition.
Thank you Michael. I'm looking forward to fixes for both bugs. You are right about the password security but in the end this is a very complex topic so I would recommend to leave the choice to the user while providing information (for example if downloaded mails are encrypted as well).
Quick update, the crash should have been taken care of in Bug 776139, and there's some discussion there about notifying when a keyring error occurs.
0.12.2 improved had some more fixes to this end. I'm not sure plain text is something Geary is going to support out of the box, but this might be something that a plugin could add. So making this depend on Bug 714883.
I just wrote up a tracking bug for the plugin system over at gitlab that collects all of the requirements for feature requests that should be implemented as plugins in the one place, so closing this bug in favour of that ticket: https://gitlab.gnome.org/GNOME/geary/issues/155