I've been thinking about Gnome keyring a lot lately, and I have concerns
about security, and I don't know if this is a Gnome keyring problem, or a
problem affecting Fedora specifically.
In short, it doesn't look like Gnome keyring has the ability to notify a
user interactively when a password is read from an unlocked keyring (or to
dynamically unlock it with a master passphrase upon request). Is this
correct? If so, it puts it behind NSS features that Firefox and other apps
use to store passwords and other credentials. However, if it's just
something specific which isn't packaged for Fedora, or isn't installed by
default, that would be very good to know.
In the past, seahorse-plugins provided a gpg-agent with a tool for
configuring cache preferences. It looks like seahorse-plugins is no longer
packaged for Fedora, and gpg2 integrates with seahorse/gnome keyring
differently (I don't know how). At least for GPG passphrases, this provided
some UI to notify the user upon programmatic access to the cached
credentials, and provided a notification icon whenever the cache was
non-empty. It also provided a customizable timer for the cache.
Although they didn't help for non-GPG credentials, these features of
seahorse-plugins provided important (essential, I would say) security for a
GPG credential cache (and, I would argue, essential for any private
credential store). However, these appear to have been lost in Fedora,
making Fedora less secure. Does anybody know about this? Do these features
have replacements which I'm not aware of? If so, why aren't they installed
in Fedora by default?
Is this downgrade in security a Fedora problem, or is it a Gnome problem,
or a seahorse problem? Are there alternatives? NSS seems to be getting some
of this right, but doesn't have good integration with Gnome/Seahorse/GPG.
Thoughts?
--
Christopher
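The cache timer the post mentions is one thing that can still be configured directly in gpg-agent, independent of seahorse-plugins. The fragment below is an added example, not part of Christopher's message and not a Fedora or GNOME default; it assumes a GnuPG 2.x gpg-agent reading ~/.gnupg/gpg-agent.conf, and the numeric values are illustrative choices, not recommendations from the thread.

```ini
# ~/.gnupg/gpg-agent.conf (added example, not from the original post)

# Seconds a cached passphrase stays valid after its last use.
# The shipped default is 600; a shorter value limits the window
# in which a program can use the cached credential without prompting.
default-cache-ttl 120

# Hard upper bound on cache lifetime, counted from first entry,
# regardless of how often the passphrase is used.
max-cache-ttl 900

# Same two limits for SSH keys when gpg-agent acts as ssh-agent.
default-cache-ttl-ssh 120
max-cache-ttl-ssh 900

# GnuPG 2.1 and later: do not hand passphrases to an external
# cache (such as a desktop keyring) even if pinentry offers to.
no-allow-external-cache
```

After editing the file, `gpgconf --reload gpg-agent` makes the running agent pick up the new limits. Note that this only bounds how long a cached passphrase lives; it does not add the per-access notification the post is asking about.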