Public bug reported:

I've been using the program `Pass` to manage my passwords, which uses a
PGP key that I created for this purpose. I began noticing that after my
first use of the passphrase, gnome-keyring would cache the passphrase and
no longer request it. This is a security issue, as anyone with access to
my machine can gain access to all of my passwords.

I assumed the settings could be tweaked, so I used `dconf-editor` to
edit the `gpg-cache-method` file to use `timeout` instead of the default
setting. I also changed the `gpg-cache-ttl` to 1 second from the
default, which was 300 I believe. I then restarted the keyring with
`$ gnome-keyring-daemon -r`.

This successfully reset the keyring and I was prompted for my password.
However, it only worked once. After entering the password, gnome-keyring
cached my password and this survives logging out or restarting the
computer.

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: gnome-keyring 3.28.0.2-1ubuntu1.18.04.1
ProcVersionSignature: Ubuntu 4.15.0-30.32-generic 4.15.18
Uname: Linux 4.15.0-30-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Sat Aug 11 07:38:49 2018
InstallationDate: Installed on 2018-04-26 (106 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180425.1)
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: gnome-keyring
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: gnome-keyring (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug bionic gnome-keyring

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-keyring in Ubuntu.
https://bugs.launchpad.net/bugs/1786607

Title:
  gnome-keyring caches PGP password eternally

Status in gnome-keyring package in Ubuntu:
  New
