Re: Gnome keyring security in Fedora

On Thu, 2016-01-28 at 23:30 -0800, Samuel Sieb wrote: > I had some further discussion with him and he was using "systemctl  > suspend" to do the suspend.  I tested that and Gnome doesn't lock > the  > screen.  I suspect there's a bug in there either with systemd or > Gnome  > because Gnome does

Re: Gnome keyring security in Fedora

On 01/29/2016 06:11 AM, Michael Catanzaro wrote: Thanks for investigating this. Seems safe to assume it's a GNOME bug until proven otherwise. Would you be interested in filing a bug on bugzilla.gnome.org (component: gnome-session seems like a good guess)?

Re: Gnome keyring security in Fedora

On Fri, Jan 29, 2016 at 2:00 PM, Adam Williamson wrote: > On Fri, 2016-01-29 at 13:16 -0700, Chris Murphy wrote: >> On Fri, Jan 29, 2016 at 7:11 AM, Michael Catanzaro >> wrote: >> > On Thu, 2016-01-28 at 23:30 -0800, Samuel Sieb wrote: >> > > I

Re: Gnome keyring security in Fedora

On Fri, Jan 29, 2016 at 7:11 AM, Michael Catanzaro wrote: > On Thu, 2016-01-28 at 23:30 -0800, Samuel Sieb wrote: >> I had some further discussion with him and he was using "systemctl >> suspend" to do the suspend. I tested that and Gnome doesn't lock >> the >> screen. I

Re: Gnome keyring security in Fedora

On Thu, 2016-01-28 at 13:47 -0700, Chris Murphy wrote: > On Thu, Jan 28, 2016 at 12:34 PM, Samuel Sieb wrote: > > On 01/28/2016 11:30 AM, Chris Murphy wrote: > > > > > > server, all without a password. No lock screen after wake from > > > suspend. And no timeout or expiration

Re: Gnome keyring security in Fedora

On 01/28/2016 11:25 PM, Adam Williamson wrote: On Thu, 2016-01-28 at 13:47 -0700, Chris Murphy wrote: On Thu, Jan 28, 2016 at 12:34 PM, Samuel Sieb wrote: On 01/28/2016 11:30 AM, Chris Murphy wrote: server, all without a password. No lock screen after wake from suspend. And

Re: Gnome keyring security in Fedora

On Thu, Jan 21, 2016 at 3:38 PM Christopher wrote: > I've been thinking about Gnome keyring a lot lately, and I have concerns > about security, and I don't know if this is a Gnome keyring problem, or a > problem affecting Fedora specifically. > > In short, it doesn't

Re: Gnome keyring security in Fedora

On Thu, Jan 28, 2016 at 2:06 PM Kevin Fenzi wrote: > On Thu, 28 Jan 2016 18:43:09 + > Christopher wrote: > > ...snip... > > > I can't be the only one interested in finding out how to secure these > > things in Fedora. > > No, but it could be no

Re: Gnome keyring security in Fedora

On Thu, 2016-01-28 at 12:30 -0700, Chris Murphy wrote: > I don't trust any of the web browser implementations right now. > > The private keys need to be locked (e.g. ssh-add -D) upon either a > suspend/hibernate, or the screen lock timer being reached. > > Maybe I'm missing something, but at the

Re: Gnome keyring security in Fedora

On Thu, 28 Jan 2016 18:43:09 + Christopher wrote: ...snip... > I can't be the only one interested in finding out how to secure these > things in Fedora. No, but it could be no one who knows is on this list or has seen your post. Perhaps try reposting to

Re: Gnome keyring security in Fedora

On Thu, Jan 28, 2016 at 11:43 AM, Christopher wrote: > To be honest, I thought there'd be more interest in this topic by now, > considering Gnome Keyring stores so many things now in the Logon keyring by > default: > Bugzilla credentials for ABRT, > Chrome sync'd

Re: Gnome keyring security in Fedora

On 01/28/2016 11:30 AM, Chris Murphy wrote: server, all without a password. No lock screen after wake from suspend. And no timeout or expiration for the ssh key. You must have something misconfigured or what desktop environment are you using? My laptop is always locked after suspend. There's

Re: Gnome keyring security in Fedora

On Thu, 2016-01-28 at 18:43 +, Christopher wrote: > I can't be the only one interested in finding out how to secure these > things in Fedora. Any application running as your user can read anything from your keyring (provided it is unlocked). This is not problematic because we don't have any

Re: Gnome keyring security in Fedora

On Thu, Jan 28, 2016 at 2:36 PM, Michael Catanzaro wrote: > On Thu, 2016-01-28 at 18:43 +, Christopher wrote: >> I can't be the only one interested in finding out how to secure these >> things in Fedora. > > Any application running as your user can read anything from

Re: Gnome keyring security in Fedora

On Thu, Jan 28, 2016 at 2:37 PM Michael Catanzaro wrote: > On Thu, 2016-01-28 at 18:43 +, Christopher wrote: > > I can't be the only one interested in finding out how to secure these > > things in Fedora. > > Any application running as your user can read anything from

Re: Gnome keyring security in Fedora

On Thu, Jan 28, 2016 at 12:34 PM, Samuel Sieb wrote: > On 01/28/2016 11:30 AM, Chris Murphy wrote: >> >> server, all without a password. No lock screen after wake from >> suspend. And no timeout or expiration for the ssh key. >> > You must have something misconfigured or what

Re: Gnome keyring security in Fedora

On Thu, Jan 28, 2016 at 12:42 PM, Michael Catanzaro wrote: > On Thu, 2016-01-28 at 12:30 -0700, Chris Murphy wrote: >> I don't trust any of the web browser implementations right now. >> >> The private keys need to be locked (e.g. ssh-add -D) upon either a >>

Re: Gnome keyring security in Fedora

On Thu, 2016-01-28 at 14:50 -0500, Josh Boyer wrote: > Why doesn't it work in Fedora? No clue. It's been broken for as long as I remember. Michael -- devel mailing list devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org