You are not logged in.

#1 2018-01-05 19:28:47

J4ke
Member
Registered: 2017-12-10
Posts: 6

KWallet provides no security at all?

From the official KDE docs: https://docs.kde.org/trunk5/en/kdeutils … ction.html

A wallet is by default closed, which means that you must supply a password to open it. Once the wallet is opened, the contents can be read by any user process, so this may be a security issue.

Which sounds concerning, i think most users open the wallet at login (or short after it manually) and leave it open. Then every process can read all secrets saved in the wallet (even from other programs)... May be a security issue?

KWallet supports multiple wallets, so for the most secure operation, you should use one wallet for local passwords, and another for network passwords and form data. You can configure this behavior in the KWallet System Settings module, however the default setting is to store everything in one wallet named kdewallet.

How to access it over dbus: https://learnonthejob.blogspot.de/2009/ … dline.html
I was for example able to get the "Chromium Safe Storage" Key. So even i if create one wallet for every program and they are all closed a malicious script could send a request to open them with "Chromium", "Networkmanger" or other legitimate tool name... and there is no way to tell if this is real. Same with the "ask on access" settings option...
If every user process can read it anyway, saving it in an unencrypted txt file in the home dir would give the same "protection" level.

This just confirmes what i think so far: https://news.ycombinator.com/item?id=9715432

Please tell me that i am missing something obvious here.

Offline

#2 2018-01-05 23:06:54

eagle
Member
Registered: 2013-06-12
Posts: 2

Re: KWallet provides no security at all?

KWallet can be configured to to control access by showing a prompt for any application that tries to access it.

Offline

#3 2018-01-05 23:57:35

J4ke
Member
Registered: 2017-12-10
Posts: 6

Re: KWallet provides no security at all?

Yes i know, but every process can freely choose the string that gets displayed in this prompt and refers to the connection afterwards. So you can not be sure that it is really for example Chromium that ask for access, it could be anything...

Offline

#4 2018-01-06 09:43:39

seth
Member
Registered: 2012-09-03
Posts: 23,321

Re: KWallet provides no security at all?

Yes, general authentication problem.
The client would need to know a secret (to authenticate and encrypt the communication), which no other client cain obtain - what is locally impossible (resp. you'd get as close as the DRM lie OR need a hardened system which limits read access per opt-in; also don't forget that my chromium must not use the same secret as your chromium, ie. you need to sign off the binarly locally)

Such setup is possible, but quite an effort, not mass compatible and not provided by the joe user desktop tools.
The "good" news is that this is true for all PW keepers across all systems as well as the funny UAC thing on windows.

Rule of thumb: if you execute malware outside a jail, you just lost your system.

Offline

Board footer

Powered by FluxBB