Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 17 Jan 2013 06:27:47 +0100
From: Florian Weimer <fw@...eb.enyo.de>
To: oss-security@...ts.openwall.com
Subject: Re: gnome-keyring does not discard stored secrets in some cases

* Kurt Seifried:

>> I've verified that Fedora 17 (GNOME 3.4) does not discard cached
>> keys on suspend and hibernate, either.  (Swap is encrypted, though,
>> at least I selected that in the installer.)  However, I suspect
>> that users expect that suspend (but perhaps not hibernate) does not
>> discard keys.
>
> Just to confirm, is this behavior documented at all in the gnome
> keyring documentation (e.g. that it does or doesn't do it)? Thanks.

I think the clearest part is
<https://live.gnome.org/GnomeKeyring/SecurityPhilosophy>, which
proclaims:

| * Try to keep your secrets from being swapped out or otherwise
|   written to disk.
| * Hunkering down and discarding all secrets when your computer is
|   locked.

The documentation for gnome_keyring_lock_all_sync
<http://developer.gnome.org/gnome-keyring/unstable/gnome-keyring-Keyrings.html#gnome-keyring-lock-all-sync>
says:

| Lock all the keyrings, so that their contents may not eb accessed
| without first unlocking them with a password.

In addition,
<http://developer.gnome.org/gnome-keyring/unstable/gnome-keyring-Non-pageable-Memory.html>
suggests that locked memory is never written to disk.  This is not
true with hibernation.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.