gnome-keyring prompts lack way to set default timeout

Bug #645561 reported by Kees Cook
This bug affects 2 people
Affects: gnome-keyring (Ubuntu)
Status: Fix Released
Importance: Undecided
Assigned to: Canonical Desktop Team

Bug Description

Binary package hint: gnome-keyring

The default timeout for gnome-keyring prompts for GPG and SSH keys is no longer configurable. This used to be seen through seahorse-properties (and then only for GPG). This seems to be a regression from Lucid, where the timeout was configurable. In my specific case, it is now defaulting to "unlock for entire session" rather than my prior setting of "unlock for 30 minutes".

ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: gnome-keyring 2.92.92.is.2.31.91-0ubuntu1
ProcVersionSignature: Ubuntu 2.6.35-20.29-generic 2.6.35.4
Uname: Linux 2.6.35-20-generic x86_64
Architecture: amd64
Date: Wed Sep 22 13:52:47 2010
ProcEnviron:
 LANGUAGE=en_US:en
 PATH=(custom, user)
 LANG=en_US.utf8
 SHELL=/bin/bash
SourcePackage: gnome-keyring

Kees Cook (kees) wrote :
tags: added: regression-potential
Marc Deslauriers (mdeslaur) wrote :

I'm seeing this also.

It would appear 2.31.91 ripped out gconf support, and so lost all configuration options.

2.31.92 adds gsettings support, and resolves this. Could we get 2.31.92 in maverick?

Changed in gnome-keyring (Ubuntu):
status: New → Confirmed
Kees Cook (kees)
Changed in gnome-keyring (Ubuntu):
assignee: nobody → Canonical Desktop Team (canonical-desktop-team)
Kees Cook (kees) wrote :

If a configurable version isn't possible for freeze, how about a minimal change to set the default to 10 minutes instead of the entire session?

tags: added: patch
Didier Roche-Tolomelli (didrocks) wrote :

Not sure we will get 2.31.92 as there is no migration from gconf -> gsetting. We will maybe keep 2.31.91.
Built and tested here.

Consequently, the patch from Kees seems fine, uploading it.

Didier Roche-Tolomelli (didrocks) wrote :

just uploaded, thanks Kees :)

Changed in gnome-keyring (Ubuntu):
status: Confirmed → Fix Committed
Martin Pitt (pitti) wrote :

10 minutes is a bit harsh, though, isn't it? It's definitively not what we shipped earlier; I used to survive the entire day without having to enter my ssh/gpg passphrases over and over again. So forcing 10 minutes would seem to be quite a large inconvenience.

Martin Pitt (pitti) wrote :

Rejecting package and reopening as per discussion with Didier. Forcing everyone to have keys forgotten after 10 minutes makes the entire idea pretty much useless -- you are going to have to enter your key with pretty much every email, upload, or ssh. That's not what we had in earlier releases. I think we should bring back the configurability, not force such a low timeout.

Changed in gnome-keyring (Ubuntu):
status: Fix Committed → Triaged
Marc Deslauriers (mdeslaur) wrote :

Here's what I propose:

In Lucid and earlier, the gpg agent was handled by the "seahorse-plugins" package which contains a GUI for setting the GPG timeout preferences.

Since the newfangled gpg agent support in gnome-keyring 2.31.91 doesn't contain settable preferences, I suggest we disable it by removing the /etc/xdg/autostart/gnome-keyring-gpg.desktop file. This way, the gpg agent will continue to be handled by seahorse-plugins as before, until the next release when we update gnome-keyring.

Kees Cook (kees) wrote : Re: [Bug 645561] Re: gnome-keyring prompts lack way to set default timeout

On Thu, Sep 23, 2010 at 07:28:31AM -0000, Martin Pitt wrote:
> 10 minutes is a bit harsh, though, isn't it? It's definitively not what
> we shipped earlier; I used to survive the entire day without having to
> enter my ssh/gpg passphrases over and over again. So forcing 10 minutes
> would seem to be quite a large inconvenience.

It's 10 minutes of _idle_. This matches sudo, and is just to get us away
from remembering it forever. If we can't disable it and can't get a new
version, how about just raising the idle default?

--
Kees Cook
Ubuntu Security Team
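
Added illustration, not part of the thread or of gnome-keyring: a small model of the three unlock policies being argued over here (whole session, fixed timeout after unlock, idle timeout), counting passphrase prompts and the time the key stays unlocked. The policy names, the `simulate` function and the workday usage times are constructed assumptions.

```python
SESSION, ABSOLUTE, IDLE = "session", "absolute", "idle"

# Constructed sample: minutes after login at which a GPG/SSH key is used.
WORKDAY_MIN = [0, 5, 12, 20, 28, 35, 90, 95, 240, 248, 255, 400]
USES = [m * 60 for m in WORKDAY_MIN]


def simulate(use_times, policy, timeout=600, session_end=8 * 3600):
    """Return (prompts, unlocked_seconds) for one login session.

    SESSION:  unlocked from first use until logout.
    ABSOLUTE: relocked `timeout` seconds after each unlock.
    IDLE:     relocked `timeout` seconds after the most recent use.
    """
    if policy not in (SESSION, ABSOLUTE, IDLE):
        raise ValueError(f"unknown policy: {policy}")
    prompts = 0
    unlocked_seconds = 0
    start = None    # when the current unlock window began
    expires = None  # when the cached passphrase is dropped (None = locked)
    for t in sorted(use_times):
        if expires is None or t >= expires:
            # Key is locked: account for the previous window, then prompt.
            if expires is not None:
                unlocked_seconds += expires - start
            prompts += 1
            start = t
            expires = session_end if policy == SESSION else t + timeout
        elif policy == IDLE:
            # Each use inside the window pushes the relock time forward.
            expires = t + timeout
    if expires is not None:
        unlocked_seconds += min(expires, session_end) - start
    return prompts, unlocked_seconds


if __name__ == "__main__":
    for policy in (SESSION, ABSOLUTE, IDLE):
        prompts, secs = simulate(USES, policy)
        print(f"{policy:8s} prompts={prompts} unlocked={secs // 60} min")
```

On this sample the idle policy prompts once per burst of activity rather than once per use, while the session policy leaves the key unlocked for the full eight hours.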

Didier Roche-Tolomelli (didrocks) wrote :

after discussion with pitti, we agreed on Marc's idea. We will still use seahorse-plugin in maverick for that.

Changed in gnome-keyring (Ubuntu):
status: Triaged → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnome-keyring - 2.92.92.is.2.31.91-0ubuntu2

---------------
gnome-keyring (2.92.92.is.2.31.91-0ubuntu2) maverick; urgency=low

  * debian/rules:
    - don't install gnome-keyring-gpg.desktop for now as we can't configure GPG
      timeout before 2.31.92 which we won't get in maverick. This enables using
      seahorse-plugins instead as in lucid which can configure the timeout
      (LP: #645561)
  * debian/gnome-keyring.postinst, gnome-keyring.postrm, gnome-keyring.preinst:
    - handle removing conffile on the system
 -- Didier Roche <email address hidden> Fri, 24 Sep 2010 17:20:45 +0200

Changed in gnome-keyring (Ubuntu):
status: Fix Committed → Fix Released
Jamie Strandboge (jdstrand) wrote :

This is fine and all (I guess), but seahorse-plugins is not installed by default (at least not on my desktop). I suppose this isn't a huge issue since Lucid users upgrading won't see a regression, but people using maverick for the last however many months may be confused.

Didier Roche-Tolomelli (didrocks) wrote :

right, but I think people using gpg key on a beta version can remember how they setup seahorse-plugins in lucid :)

Martin Pitt (pitti) wrote :

We did not ship seahorse-plugins in lucid (and maybe karmic) by default either, so it's not a regression from lucid.

Eric Drechsel (ericdrex) wrote :

I am experiencing the "keeps unlocked for entire session" behavior and still can't find a way to change the setting, in Precise. This is a _horrible_ security flaw!! I am using GPG because I want to protect my assets and communications, and here my OS is silently subverting my efforts.

Eric Drechsel (ericdrex) wrote :

To be clear, I support the idea of changing the default to a 10 minute idle timeout.

See also https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/987167

Marc Deslauriers (mdeslaur) wrote :

@Eric: When the password prompt comes up, click the arrow to see the advanced options, and select the timeout you want.

Please open a new bug if that doesn't work for you, this ancient bug is closed, and is unrelated to your issue.
