Summary: | Kwallet does not get unlocked when I unlock my screen | ||
---|---|---|---|
Product: | [Frameworks and Libraries] kwallet-pam | Reporter: | Ralf Jung <post> |
Component: | general | Assignee: | Plasma Bugs List <plasma-bugs> |
Status: | RESOLVED NOT A BUG | ||
Severity: | normal | CC: | kde |
Priority: | NOR | ||
Version: | 5.14.5 | ||
Target Milestone: | --- | ||
Platform: | Other | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: |
Description
Ralf Jung
2019-05-24 07:09:46 UTC
kwallet_pam only handles initial login. You have a setting to close the wallet when you lock the screen enabled. You probably want this off. Given kwallet's only job is to protect a system that's at rest. I struggle to see a use case for closing it when you lock the screen in combination with auto unlock that would provide any security. > Given kwallet's only job is to protect a system that's at rest. I struggle to see a use case for closing it when you lock the screen in combination with auto unlock that would provide any security.
Assuming the attacker grabs my laptop while the screen is locked, it would be nice to know that the wallet is closed and hence nothing can be extracted from RAM.
So, disabling auto-close-on-lock would severely degrade security. Auto-open-wallet-on-screen-unlock OTOH does not degrade security as both the screen lock and the walltet are protected by the same password.
So, I think there is quite an obvious use-case for this and it would significantly increase security, in particular when the laptop is hardly ever turned off so all the time "at rest" is spent in suspend.
I'm a bit disappointed that I do not even get an answer for suggesting what I think is a rather reasonable use-case. |