Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Ubuntu Development (http://www.linux-archive.org/ubuntu-development/)
-   -   Keyring password ( Installation report for UNR 20090324 on Acer Aspire One) (http://www.linux-archive.org/ubuntu-development/269140-keyring-password-installation-report-unr-20090324-acer-aspire-one.html)

Sebastien Bacher 03-24-2009 02:13 PM

Keyring password ( Installation report for UNR 20090324 on Acer Aspire One)
 
Le mardi 24 mars 2009 à 14:02 +0000, Matt Zimmerman a écrit :
>
> I have an 8.10 system where the keyring password and login password
> seem to
> be out of sync, and I haven't worked out how to fix it. I assume
> something
> is supposed to keep them in sync?

Not right now, libpam-gnome-keyring can be used to sync the
gnome-keyring password when using passwd too but that's not set up in
ubuntu currently (there is a request on launchpad about that and I tried
to get somebody who has a clue about pam to look at how reasonable that
would be or if that could create other issues but got no reply). You can
use seahorse to change manually your gnome-keyring password though

Cheers,

Sebastien Bacher


--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Sebastien Bacher 03-25-2009 12:17 PM

Keyring password ( Installation report for UNR 20090324 on Acer Aspire One)
 
Le mercredi 25 mars 2009 à 12:31 +0000, Matt Zimmerman a écrit :
> This seems perfectly reasonable to me; wifi passwords are not usually
> so
> sensitive that they need to be encrypted on disk.

What about emails, calendar, etc account passwords? Because you will run
into the same issue for those

Sebastien Bacher


--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Matt Zimmerman 03-25-2009 12:21 PM

Keyring password ( Installation report for UNR 20090324 on Acer Aspire One)
 
On Wed, Mar 25, 2009 at 01:17:42PM +0000, Sebastien Bacher wrote:
> Le mercredi 25 mars 2009 à 12:31 +0000, Matt Zimmerman a écrit :
> > This seems perfectly reasonable to me; wifi passwords are not usually
> > so
> > sensitive that they need to be encrypted on disk.
>
> What about emails, calendar, etc account passwords? Because you will run
> into the same issue for those

That's not ideal, but no worse than most systems out there (including those
which auto-login by default).

Can you agree that the following user experience is not ideal?

1. User installs a brand new Ubuntu system
2. User attempts to connect to their home wireless network
3. Ubuntu asks them for the wireless access key
4. User provides the access key
5. Ubuntu asks them for a new password they have never heard of

Is there something else we could do to improve it, which would be better
than what was suggested?

--
- mdz

--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Sebastien Bacher 03-25-2009 12:53 PM

Keyring password ( Installation report for UNR 20090324 on Acer Aspire One)
 
Le mercredi 25 mars 2009 à 13:21 +0000, Matt Zimmerman a écrit :
> Can you agree that the following user experience is not ideal?
>
Oh I totally agree with that and that's an issue for some years now,
I'm just not sure what we can do to fix it

> 1. User installs a brand new Ubuntu system
> 2. User attempts to connect to their home wireless network
> 3. Ubuntu asks them for the wireless access key
> 4. User provides the access key
> 5. Ubuntu asks them for a new password they have never heard of
>
> Is there something else we could do to improve it, which would be
> better
> than what was suggested?

"Ubuntu asks them for a new password they have never heard of", do you
mean that the wording is unclear? Because they did set this password
during the installation or when adding the user

Do we want consider autologin as a less secure option? One thing we
could do is to set an empty keyring password when autologin is selected
during the installation

Sebastien Bacher


--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Rick Spencer 03-25-2009 12:54 PM

Keyring password ( Installation report for UNR 20090324 on Acer Aspire One)
 
On 03/25/2009 06:53 AM, Sebastien Bacher wrote:
> Do we want consider autologin as a less secure option? One thing we
> could do is to set an empty keyring password when autologin is selected
> during the installation
But might not some apps keep very sensitive information in the keyring?

Cheers, Rick

--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Matt Zimmerman 03-25-2009 01:12 PM

Keyring password ( Installation report for UNR 20090324 on Acer Aspire One)
 
On Wed, Mar 25, 2009 at 01:53:19PM +0000, Sebastien Bacher wrote:
> Le mercredi 25 mars 2009 à 13:21 +0000, Matt Zimmerman a écrit :
> > 1. User installs a brand new Ubuntu system
> > 2. User attempts to connect to their home wireless network
> > 3. Ubuntu asks them for the wireless access key
> > 4. User provides the access key
> > 5. Ubuntu asks them for a new password they have never heard of
> >
> > Is there something else we could do to improve it, which would be better
> > than what was suggested?
>
> "Ubuntu asks them for a new password they have never heard of", do you
> mean that the wording is unclear? Because they did set this password
> during the installation or when adding the user

The dialog asks them to set a new password. The right thing to do is for
them to simply enter their login password, but that is not clear. See the
attached screenshot.

The problem with the dialog is that it strongly indicates that this is a new
password, for a new purpose, and does not hint that the existing login
password is a good choice.

An alternative would be to prompt, by default, for the login password (in a
single text box), and offer a radio button to choose to create a different
password instead.

> Do we want consider autologin as a less secure option? One thing we could
> do is to set an empty keyring password when autologin is selected during
> the installation

Yes, autologin is a less secure option. I think it's still OK to prompt for
the password to protect the keyring though, so long as it's obvious what to
do.

Maybe we could create the keyring at install time when we have the password?

--
- mdz
--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Sebastien Bacher 03-25-2009 01:34 PM

Keyring password ( Installation report for UNR 20090324 on Acer Aspire One)
 
Le mercredi 25 mars 2009 à 06:54 -0700, Rick Spencer a écrit :
> But might not some apps keep very sensitive information in the
> keyring?

Well, you can't security storage and never enter a password so that's
somewhat an user choice

The main concern there seems to be the dialog asking to set a keyring
password not the one to unlock the keyring though and we can try to
address this one for jaunty

Sebastien Bacher


--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Kees Cook 03-25-2009 02:52 PM

Keyring password ( Installation report for UNR 20090324 on Acer Aspire One)
 
On Wed, Mar 25, 2009 at 02:12:44PM +0000, Matt Zimmerman wrote:
> Maybe we could create the keyring at install time when we have the password?

I think that's the right choice here. I'm obviously biased towards
security, but without a keyring password, the contents of are sitting on
disk in the clear -- that's pretty nasty. I'm of the opinion that
auto-login should not be allowed, but I realize I'm not going to see that
go away. :)

--
Kees Cook
Ubuntu Security Team

--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Loïc Minier 03-25-2009 03:05 PM

Keyring password ( Installation report for UNR 20090324 on Acer Aspire One)
 
On Wed, Mar 25, 2009, Matt Zimmerman wrote:
> This seems perfectly reasonable to me; wifi passwords are not usually so
> sensitive that they need to be encrypted on disk.

(Long term non-jaunty: )
I think that's only ok if we shard the keyring-backed passwords into
multiple keyrings and add a policy to store certain passwords in
certain keyrings. e.g. wifi passwords in the optional non-password
protected keyring. We could use the same trick as GConf which has a
path of configuration repositories and uses the first writable one, but
I think it would be more sensible to have a real policy similar to the
policykit/consolekit policies.

I don't think it's ok to plan to store all passwords in a non-protected
keyring, that gives a false sense of security.

--
Loïc Minier

--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Sebastien Bacher 03-25-2009 03:18 PM

Keyring password ( Installation report for UNR 20090324 on Acer Aspire One)
 
Le mercredi 25 mars 2009 à 14:12 +0000, Matt Zimmerman a écrit :
> On Wed, Mar 25, 2009 at 01:53:19PM +0000, Sebastien Bacher wrote:

> The dialog asks them to set a new password. The right thing to do is for
> them to simply enter their login password, but that is not clear. See the
> attached screenshot.
>
> Maybe we could create the keyring at install time when we have the password?

Right, I think that would be a good idea and fix the confusion about
this dialog, we would still have users annoyed to get any password
prompt at all though

Cheers,
Sebastien Bacher


--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel


All times are GMT. The time now is 08:08 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.