ubuntu-phone team mailing list archive
-
ubuntu-phone team
-
Mailing list archive
-
Message #01201
Re: [Development] Solution for a password/secret storage
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 13-03-19 05:57 AM, Bruno Girin wrote:
> On 19/03/13 10:01, Alberto Mardegan wrote:
>> Yes. In fact, it's possible to make the two passwords go out of
>> sync, and there you'll be prompted to enter your keyring master
>> password as the first application requests a password.
>
> OK so it's essential that whatever we do ensures that doesn't
> happen. Users will have no idea what their "keyring master
> password" is.
Well, if you forget your user password, and you use root to override
it, then that will necessarily cause them to go out of sync.
Normally when changing your user password, it prompts for your old
password, so that it can use it to decrypt the login keyring, so that
it can be re-encrypted with the new password after.
But if you are root, you don't have to enter the old password, thus
the login keyring cannot be decrypted, thus it cannot be re-encrypted,
thus the passwords become out of sync.
I don't believe this is a solvable problem, so don't forget your login
password ;-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBAgAGBQJRSGjNAAoJEMnVpoCaWglEF/0P/RJML4MHvgBI2zL3bRypi/Ac
Rm0xFLaomwnjPwvGj9hisYXCaqpfYY70HntjQXUY7ICDryOlS+n0A4N1r1WuWSIu
9RjEfZlKeW3DTxyyFRUXnqC0LXLVTI+vDafBEUkwmcoCutVntZyJ0N6qm1qnfnRT
Y9W+Xpj1CIXiRNfa0z8VdA3PUPQpBy+9ygom2TF2WEaHn7PGdRB3DdCKOvBy3gks
RRp7gtYca4K0WFWIPeQ72iGGopiU97A24+Zb68SwDvKPVQQCnHZXxoSchb1Ia9hU
8ltHJ1jA6xQSiYfch0oboEAVN2WcjQW6jrnoKDSZ9nlD0nSf1WT8fAvkd+5BIkoQ
sT4gGdGjC5AFKLHcHx2o2FJCAdsa3ZQHV24etdzgavEIYVy+lBBFHe0gqFWi0Dp1
6I+fibKk1CfZ5Mftp5lEJbGK0MxjkVkR05v4CYpBrCz98oISB9z07ZNc0byy9gJ0
yUMBF1BdBVbZfdnAVm/p7Cgz77FzNsW+SgIIK7HCo1kDrI0T5ZJIfjFqGgQHMFzv
Hvc3t8QLTmQ3fw8Sxu4nbay6ThA2D9zPCf3IJFyCgxtImZR6JYSh7ziwvJKhC9c1
E1C6JRgDGgMNSRvpwxfEIom8/03uKYCkQqpn5OC0ZYHh14y7esGx/8tDObJAFrrm
WZl/ASqAA8epk9S5dpr1
=LCL5
-----END PGP SIGNATURE-----
Follow ups
References