Bug#570000: gnome-keyring-daemon accesses removeable disks -- why?

Ron Murray rjmx at rjmx.net
Mon Feb 15 18:55:35 UTC 2010 

Package: gnome-keyring
Severity: normal

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

   If I unmount my NTFS partition, I keep getting errors (in auth.log, no
less!) like this:

> Feb 15 10:42:53 khufu gnome-keyring-daemon[17623]:
>    removing removable location: /win
> Feb 15 10:42:53 khufu gnome-keyring-daemon[17623]: 
>    no volume registered at: /win

   I've looked in the documentation, and I can find no reason for
gnome-keyring-daemon to be looking in removeable drives. It claims to
store passwords and otherwise act like ssh-agent; trying to access
other drives in a system would appear to be outside this purpose.

   If there's a valid reason for gnome-keyring-daemon to be doing
this, then it should appear in the documentation. Otherwise I can only
regard this package as a security risk.

   (The problem is compounded by the fact that so many packages seem
to depend upon gnome-keyring-daemon for no reason: see bug #563358,
for example).

   Note, too, that bug #497428 is related to this.

   I'm not sure what severity to put on this bug. I think it's a
security risk unless there's a valid reason for this behaviour: if
there is one, then it's probably 'wishlist' (to add an explanation to
the documentation). Feel free to change it as you wish, but I'll leave
it at 'normal' for now.


- -- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32.8-khufu-0 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages gnome-keyring depends on:
ii  gconf2                        2.28.0-1   GNOME configuration database syste
ii  libatk1.0-0                   1.28.0-1   The ATK accessibility toolkit
ii  libc6                         2.10.2-2   GNU C Library: Shared libraries
ii  libcairo2                     1.8.8-2    The Cairo 2D vector graphics libra
ii  libdbus-1-3                   1.2.20-2   simple interprocess messaging syst
ii  libgconf2-4                   2.28.0-1   GNOME configuration database syste
ii  libgcrypt11                   1.4.5-2    LGPL Crypto library - runtime libr
ii  libglib2.0-0                  2.22.4-1   The GLib library of C routines
ii  libgtk2.0-0                   2.18.6-1   The GTK+ graphical user interface 
ii  libhal-storage1               0.5.14-2   Hardware Abstraction Layer - share
ii  libhal1                       0.5.14-2   Hardware Abstraction Layer - share
ii  libpango1.0-0                 1.26.2-1   Layout and rendering of internatio
ii  libtasn1-3                    2.4-1      Manage ASN.1 structures (runtime)

Versions of packages gnome-keyring recommends:
pn  libpam-gnome-keyring          <none>     (no description available)

gnome-keyring suggests no packages.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBAgAGBQJLeZiZAAoJEDHYrtWvbQ1KbrkP/R2T52Gyaa9fam+TSi1KXd3g
q8KG46NiocGwtDy93e6O3esz9rJaP+bZa90Bv9An+K42HUlW1IKDK95dJ2MRcwaN
UhPFsARmLGD7D6V6i1JjlwIFUzeifkmYVdG+62bZl4WLEBE7InF1BtUgIKR3OoLz
89NzVe4gIp/GoiKChdzqR2Oo2jQu5JAS8SmRkpbLCOsjvHUS0SbS47w/B6ubulAc
y+K7Iy0TctEfnmJH69U1ztq359wwrvUm5o3XsNEu8pIGg2y1fSGxGk/bTN4Tszp/
uucnA/f6Q3sX/BwBiNhylEEX4JruL0KZ4oVKoY/9g2HCo5LuyZlGMdiUmk441txd
WVeOdwoRO9HCTrsOS5OZEg+/GkzMGqs08fMWUyxdpSzzZ2Va3jUTTcGDHpF/soXp
ga7W2kxL2DDsU3WbF4Bcx7CBmYJLBXPpuLUgkqDx0xnYHU34js4mM8AcDjGFhZyG
GZvlAD8BRoAu7yIFzwkvJ+ZcAbCuiPgE+bZZaseFzWZppnML5QifPUqZVWtFDifY
YFski6ATnpZ3049blxa2Rll/fUPWRr1Mvo64TALuQOoBqdUN/3xwEgC3NzTxrjsg
28HXRkweo+hM+ueNV+Jt+0m1cspcBx3MbEY2DCf3cNJi46i98r8H1Ufve7HEN5V/
Ve+AYSjLinov8trBq/5A
=S4AV
-----END PGP SIGNATURE-----

More information about the pkg-gnome-maintainers mailing list