ubuntu-phone team mailing list archive
Message #01207
Re: [Development] Solution for a password/secret storage
On 13-03-19 09:31 AM, Robert Bruce Park wrote:
> On 13-03-19 05:57 AM, Bruno Girin wrote:
>> On 19/03/13 10:01, Alberto Mardegan wrote:
>>> Yes. In fact, it's possible to make the two passwords go out of
>>> sync, and there you'll be prompted to enter your keyring master
>>> password as the first application requests a password.
>
>> OK so it's essential that whatever we do ensures that doesn't
>> happen. Users will have no idea what their "keyring master
>> password" is.
>
> Well, if you forget your user password, and you use root to override
> it, then that will necessarily cause them to go out of sync.
>
> Normally when changing your user password, it prompts for your old
> password, so that it can use it to decrypt the login keyring, so that
> it can be re-encrypted with the new password after.
>
> But if you are root, you don't have to enter the old password, thus
> the login keyring cannot be decrypted, thus it cannot be re-encrypted,
> thus the passwords become out of sync.
>
> I don't believe this is a solvable problem, so don't forget your login
> password ;-)
>
It's not a solvable problem in the current design, but it's certainly a
solvable problem. You simply encrypt the database key not only with the
user's password, but also with a device/root key.
Marc.
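
The design proposed in the reply above, sketched as an added example that is not part of the original message or of any keyring's code: the database key is wrapped once under a password-derived key and once under a device key, so a root password reset can re-create the user slot without the old password. All function names and the slot layout are hypothetical, and the HMAC-based `wrap` is a standard-library stand-in for AES key wrap or an AEAD.

```python
import hashlib, hmac, os

def password_kek(password: str, salt: bytes) -> bytes:
    # Key-encryption key derived from the user's login password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _stream(kek: bytes, nonce: bytes) -> bytes:
    return hmac.digest(kek, b"enc" + nonce, "sha256")  # 32-byte keystream

def wrap(kek: bytes, db_key: bytes) -> bytes:
    # Stdlib-only stand-in for AES key wrap or an AEAD: XOR with an HMAC
    # keystream, then an HMAC tag so a wrong KEK is detected on unwrap.
    if len(db_key) != 32:
        raise ValueError("database key must be 32 bytes")
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(db_key, _stream(kek, nonce)))
    return nonce + ct + hmac.digest(kek, b"mac" + nonce + ct, "sha256")

def unwrap(kek: bytes, slot: bytes) -> bytes:
    nonce, ct, tag = slot[:16], slot[16:48], slot[48:]
    expected = hmac.digest(kek, b"mac" + nonce + ct, "sha256")
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or corrupted slot")
    return bytes(a ^ b for a, b in zip(ct, _stream(kek, nonce)))

def set_user_slot(keyring: dict, db_key: bytes, password: str) -> None:
    keyring["salt"] = os.urandom(16)
    keyring["user_slot"] = wrap(password_kek(password, keyring["salt"]), db_key)

def create_keyring(password: str, device_key: bytes) -> dict:
    db_key = os.urandom(32)  # the key that actually encrypts the secrets database
    keyring = {"device_slot": wrap(device_key, db_key)}
    set_user_slot(keyring, db_key, password)
    return keyring

def unlock(keyring: dict, password: str) -> bytes:
    return unwrap(password_kek(password, keyring["salt"]), keyring["user_slot"])

def change_password(keyring: dict, old: str, new: str) -> None:
    # Normal path: the old password opens the user slot.
    set_user_slot(keyring, unlock(keyring, old), new)

def root_reset_password(keyring: dict, device_key: bytes, new: str) -> None:
    # Root override: old password unknown, so recover the key via the device slot.
    set_user_slot(keyring, unwrap(device_key, keyring["device_slot"]), new)
```

The trade-off is that the device key becomes a second way into the database, so this sketch assumes it is stored where only root (or hardware-backed storage) can read it.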