Bug 467533

Summary: Allow only application to access its stored credentials
Product: [Applications] kwalletmanager Reporter: postix <postix>
Component: generalAssignee: Valentin Rusu <valir>
Status: RESOLVED DUPLICATE    
Severity: wishlist CC: mk.mateng
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description postix 2023-03-18 17:03:54 UTC 
SUMMARY

As far as I am informed, right now, once an application makes use of the credentials store (kwallet), it can basically access all credentials, including those of other applications.

It'd therefore be a security enhancement if it could only access credentials which are associated with this very application.
One way to to associate it, could be to check if it started under a certain path like `/usr/bin/my-application`.
Comment 1 michaelk83 2023-03-23 08:17:26 UTC 

*** This bug has been marked as a duplicate of bug 432713 ***