Bug 115011

Summary: kwallet has no way of preventing access to data if a wallet is open
Product: [Applications] kwalletmanager Reporter: bonne
Component: generalAssignee: George Staikos <staikos>
Status: RESOLVED INTENTIONAL    
Severity: wishlist    
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: unspecified   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description bonne 2005-10-24 17:40:27 UTC 
Version:           1.1 (using KDE 3.4.1, Gentoo)
Compiler:          gcc version 3.4.3 20041125 (Gentoo 3.4.3-r1, ssp-3.4.3-0, pie-8.7.7)
OS:                Linux (x86_64) release 2.6.13-gentoo-r2

I have just started using kwallet to save my password data, so it's more secure.

The problem is that for kmail to regularly check my email, it needs the password, and so the wallet must be open. 

When the wallet is open, anyone walking past can open it up an see my password right in front of them (much easier than searching through config files as they otherwise would have to)

My proposition is twofold:
1. Allow the wallet to be open only for specific applications (so you can open it for kmail, but keep it closed for kopete, or importantly kwalletmanager).
2. Save the settings for which applications automatically get access (or denied access) to a wallet 'within' the wallet (so that you need to use the password to change those settings).

Currently I can set it to deny a program from accessing data in the wallet, although it requires no password to change that setting.
Comment 1 George Staikos 2005-10-24 21:36:37 UTC 
Sorry, those are both technically impossible.  There is no way to prevent some application or tool from pretending to be another application.  As much as we might want to see that happen...
Comment 2 bonne 2005-10-25 01:31:10 UTC 
Are you saying I'm better off just not using kwallet at all?
It would seem to me to be more secure to have a password partially obscured in some text file than open for all to see with an inviting wallet icon.
Comment 3 George Staikos 2005-10-25 02:32:24 UTC 
On Monday 24 October 2005 19:31, Bonne Eggleston wrote:
> 2005-10-25 01:31 ------- Are you saying I'm better off just not using
> kwallet at all?
> It would seem to me to be more secure to have a password partially obscured
> in some text file than open for all to see with an inviting wallet icon.


  No, I'm saying that we can't provide any guarantees of which application 
we're talking to, so there's no point in layering on code that doesn't help.  
If you're worried about the icon, hide it, or remove/rename kwalletmanager.  
You can also do the secure thing and simply set a timeout to automatically 
close the wallet.
Comment 4 saintiss 2006-10-30 10:25:41 UTC 
What is being asked here is to prompt once more for the wallet password once the "read password in clear text" feature is being accessed. This is easy, not impossible...
Comment 5 saintiss 2006-10-30 10:36:18 UTC 
To make things worse, you can change a wallet's master password without providing the old master password!
Comment 6 saintiss 2006-10-30 10:37:15 UTC 
(if the wallet is open, that is, but that's the whole problem :))