Integrate with libsecret #20
Comments
It's a good idea, but from a pure security perspective, if you have a keylogger on your computer, it's just a matter of time until the bad guy gets his hands on
The way that I view security is that it's about mitigations. There is no "perfectly secure" system. However, HID inputs, especially keyboard inputs, are a promiscuous interface. That's what keyloggers rely upon. There isn't much of a security scheme in place for protecting plaintext HID inputs. The generic interface also means that one cannot layer such a scheme on top. Moving to an interface like libsecret allows for a much more sophisticated security context. Yes, in theory, you could attack the secrets service directly. But, if that becomes a common attack, that secrets service can be updated to include more effective mitigations against such attacks. With libsecret, there is a verbose API that allows for some degree of negotiation of secret retrieval. Secret collections can be locked and unlocked, allowing for designs such as timing out the unlock of a collection, requiring the user to unlock the collection again to retrieve passwords from it. For paranoid users, the Ledger app could also require per-retrieval authorization from the Ledger device.
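The unlock-timeout and per-retrieval authorization design described in the comment above, as an added example that is not part of the original thread or the project's code. It is a pure-Python model that does not call libsecret; `TimedCollection`, the `authorize` hook and the sample secrets used to exercise it are hypothetical.

```python
import time


class CollectionLocked(Exception):
    """Raised when a secret is requested from a locked collection."""


class AuthorizationDenied(Exception):
    """Raised when the user (or device) rejects an unlock or a retrieval."""


class TimedCollection:
    """Toy model of a secret collection whose unlock expires after a timeout.

    authorize: callable(action, label) -> bool. Hypothetical hook standing in
               for a desktop prompt or a confirmation on the hardware device.
    """

    def __init__(self, secrets, authorize, unlock_ttl=60.0,
                 per_retrieval=False, clock=time.monotonic):
        self._secrets = dict(secrets)
        self._authorize = authorize
        self._ttl = unlock_ttl
        self._per_retrieval = per_retrieval
        self._clock = clock              # injectable so expiry can be tested
        self._unlocked_until = None      # None means locked

    def is_locked(self):
        # Expiry is evaluated lazily on each access; no timer thread needed.
        return (self._unlocked_until is None
                or self._clock() >= self._unlocked_until)

    def unlock(self):
        if not self._authorize("unlock", None):
            raise AuthorizationDenied("unlock rejected")
        self._unlocked_until = self._clock() + self._ttl

    def lock(self):
        self._unlocked_until = None

    def lookup(self, label):
        if self.is_locked():
            self.lock()                  # drop the stale unlock state
            raise CollectionLocked(label)
        # Paranoid mode: every single retrieval needs its own approval.
        if self._per_retrieval and not self._authorize("retrieve", label):
            raise AuthorizationDenied(label)
        return self._secrets[label]      # KeyError if the label is unknown
```
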
Sounds good! Edit: maybe you were thinking of a system where libsecret is a client of the password app and retrieves passwords only when needed, without storing them in its own database? That would probably be quite a lot of work, and even more to have compatibility with Windows/macOS 🤔
I couldn't find much about this from the docs; did I miss something?
GNOME provides a keyring library out-of-the-box called libsecret. It supports remote password managers, and could in theory be integrated into this app to provide access to passwords, instead of using HID emulation. This approach would presumably mitigate keyloggers as well.