On Thu, Jan 28, 2016 at 2:37 PM Michael Catanzaro <mcatanzaro@xxxxxxxxx> wrote:
On Thu, 2016-01-28 at 18:43 +0000, Christopher wrote:
> I can't be the only one interested in finding out how to secure these
> things in Fedora.
Any application running as your user can read anything from your
keyring (provided it is unlocked). This is not problematic because we
don't have any application sandboxing yet, so apps can read all your
personal files and do whatever they want with them. They're trusted by
definition. Who cares if they can get your passwords too?
We should care. Passwords and other credentials are used beyond the local machine, to authenticate to remote resources and remote entities. I care much more about an app using my GPG code signing key to sign something and distribute it on the Internet, or that it can log in to my bank account with my password, than I do about an app completely screwing up my home directory (to include wiping any encrypted credentials in my config files).
Corrupting local drives/configuration, and getting access to unencrypted private credentials are two very different security threats, which must be treated differently. Just because some threats would still exist, doesn't mean we shouldn't attempt to mitigate those we know about. The previous seahorse-plugins GPG caching was a good example... it provided a notification when a key was cached, allowed you to set an expiration time for the cache, and optionally required you to approve each cache access.
Corrupting local drives/configuration, and getting access to unencrypted private credentials are two very different security threats, which must be treated differently. Just because some threats would still exist, doesn't mean we shouldn't attempt to mitigate those we know about. The previous seahorse-plugins GPG caching was a good example... it provided a notification when a key was cached, allowed you to set an expiration time for the cache, and optionally required you to approve each cache access.
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx