A major problem of password managers like KWallet is that basically any application that has access to the Wallet will have full access to the Wallet. This is a HUGE security flaw, as this implies that ANY application that should use KWallet needs to be 100% trustworthy. So I suggest that KWallet should not only allow giving applications access to the whole wallet, but also allow limiting an application's access to certain parts of the wallet. For example: One could have a default policy that an application is only allowed to access keys in the wallet it created itself. If it wants to access other keys, it either has to explicitly get full permissions, or the user has to be prompted that this application wants access to a foreign key. Or something similar. Regards, Valentin
Related to Bug 451039 comment 2. The fundamental problem here is that it's possible for a malicious application to impersonate a trusted one. The above link provides only a partial solution; there are still ways around it. This needs to be solved at the desktop/OS level first, before it can be fully tackled by password managers.
*** Bug 171616 has been marked as a duplicate of this bug. ***
*** Bug 467533 has been marked as a duplicate of this bug. ***
Out of curiosity - how does this behave worse than the existing "access control" functionality that requires applications to be whitelisted before allowing access? It seems like any potential methods of sidestepping this would also apply there, right? Barring being able to solve this directly, would it be an improvement to at least have an option to prompt before allowing access to a particular credential specifying which is trying to be accessed? Or would there still be a concern that it would lead to a false sense of security?