On 03/29/2011 06:17 PM, Patrick Ohly wrote:
> Some tester pointed out that signond logs the username/password as plain
> text in the system log (accessible by root); clearly that isn't
> desirable,

Indeed. It has been fixed in the repository, I'll soon push it to OBS.

> but the much bigger gap is that the same information can also
> be read without root privileges in the unencrypted ~/.signon databases -
> in MeeGo, at least.

For the encryption to work, we need to write a plugin implementing the AbstractKeyManager interface: this plugin should emit some keys which will be used to encrypt/access the secure storage. In Maemo Harmattan we have such a plugin [0], which uses the SIM card authentication key, so that the secure storage is enabled only when a SIM card is inserted (and not any SIM, actually :-) ). But it uses libCellularQt, which AFAIK is not available in MeeGo.

To force encryption, we could just write a simple plugin which always emits a hardcoded key, or somehow integrate with the screen unlocking process and have it unlock the secure storage too.

Ciao,
  Alberto

[0]: http://gitorious.org/accounts-sso/signon-sim-dlc-extension

--
http://blog.mardy.it <-- geek in un lingua international!
_______________________________________________
MeeGo-handset mailing list
http://lists.meego.com/listinfo/meego-handset
