Bug#697896: libgnome-keyring0: gnome_keyring_lock_all_sync() doesn't lock the GNOME keyring
Brent H.
bhull2010 at live.com
Thu Jan 10 01:07:24 UTC 2013
Package: libgnome-keyring0
Version: 2.30.1-1
Severity: important
Tags: security
If a program calls the function gnome_keyring_lock_all_sync(), the GNOME
keyring does not lock. This function is used by gnome-power-manager (in
squeeze) when hibernating (or suspending as well if the appropriate gconf key
is set).
I previously reported it at:
https://bugzilla.gnome.org/show_bug.cgi?id=690466
but I have not recieved any replies in that bug report yet.
Basically, the library calls the dbus method LockService() on the gnome-keyring
daemon, but that method does nothing (as I mentioned in the GNOME bug report).
To fix this, libgnome-keyring would need modified to call appropriate dbus
methods that actually lock the keyring, or gnome-keyring-daemon would need the
LockService() dbus method implemented (to lock the keyring instead of only
claiming that it locked it).
-- System Information:
Debian Release: 6.0.6
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libgnome-keyring0 depends on:
ii libc6 2.11.3-4 Embedded GNU C Library: Shared lib
ii libdbus-1-3 1.2.24-4+squeeze1 simple interprocess messaging syst
ii libgcrypt11 1.4.5-2 LGPL Crypto library - runtime libr
ii libglib2.0-0 2.24.2-1 The GLib library of C routines
libgnome-keyring0 recommends no packages.
Versions of packages libgnome-keyring0 suggests:
ii gnome-keyring 2.30.3-5 GNOME keyring services (daemon and
-- no debconf information
More information about the pkg-gnome-maintainers
mailing list