136623 – security issue - kmail uses cashed password after closing the wallet manager

Bug 136623 - security issue - kmail uses cashed password after closing the wallet manager

Summary: security issue - kmail uses cashed password after closing the wallet manager

Status:	CONFIRMED

Alias:	None

Product:	kwalletmanager
Classification:	Applications
Component:	general (show other bugs)
Version:	unspecified
Platform:	unspecified Linux

Importance:	NOR wishlist
Target Milestone:	---
Assignee:	Valentin Rusu

URL:
Keywords:

Depends on:
Blocks:

Reported:	2006-11-01 12:51 UTC by Ferdinand Gassauer
Modified:	2013-09-03 21:54 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Ferdinand Gassauer 2006-11-01 12:51:08 UTC

Version:           1.9.5 (using KDE 3.5.5, compiled sources)
Compiler:          Target: x86_64-suse-linux
OS:                Linux (x86_64) release 2.6.16.13-4-default

Hi!

reproduction

open kmail - it will request the walletmanager to open to access the passwords for the accounts.

close the wallet manager
close kmail

restart kmail - all accounts are accessible without opening the wallet.

IMHO this is a grave security issue.

Comment 1 auxsvr 2006-11-15 15:34:09 UTC

This is the expected behaviour by KWallet, it has nothing to do with KMail. In order to make the wallet unavailable to other applications, you should first right click on the wallet icon and select "Close all wallets".

Comment 2 Ferdinand Gassauer 2006-11-15 16:18:02 UTC

Indeed, it works as you described!

But IMHO this is totally user-UN-friendly.

At least I - if I close the wallet manager in the icon tray I assumed that I am closing the application and hence ALL wallets. 
But this seems not to be the case. (Do not want to discuss if this is intended or not)
But if so - the wallet manager should show the open wallets on exit and ask if these wallets should be closed (or not). 

The problem is, that no user will know which ones are opened during normal operation, because the walletmanager gently hides this fact from the user.

I am moving this bug to kwalletmanger and leave it as grave, because it's so easy to leave the doors open.

Comment 3 Michael Leupold 2008-05-01 11:38:34 UTC

It seems kwallet is supposed to work like that but the security options might seem a little obscure to users. In the settings dialog you have "Close when last application stops using it" which closes a wallet if it's no longer used. Of course if you have any other application keeping the wallet open it stays open and kmail can access it again after restarting.

So it basically boils down to 2 things you can do:
1) Close the wallet manually (having other applications using it reopen it)
2) Set a time-out for closing the wallet in the kwalletmanager settings.

I'm not sure how to handle this. Of course we could have every application accessing a wallet ask for the password but that doesn't seem like a good thing to do. I'd much rather be in favour of making the options clearer to the user in further releases.

What do you think?

Comment 4 Ferdinand Gassauer 2008-05-04 23:23:15 UTC

see my comment #2

"quit" should ask the user if all wallets should be closed 
OR/AND
quit should only be possible after closing all wallets

Comment 5 Michael Leupold 2008-11-10 12:14:27 UTC

Downgrading this to a wishlist item. I'm thinking about implementing this for 4.2 - maybe the systray icon could go into the daemon instead of the client.