Konqueror remembers password when told not to with fish kioslave

Bug #229545 reported by Prateek Karandikar
Affects            Status    Importance  Assigned to  Milestone
KDE Base           New       Wishlist
kdebase (Ubuntu)   Invalid   Undecided   Unassigned

Bug Description

Binary package hint: konqueror

I'm using Konqueror 3.5.9, KDE 3.5.9 on Kubuntu 8.04.

Steps to reproduce:

* Use Konqueror to connect to a remote machine using fish, say fish://example.net, logging in as "someuser". Enter the password, and do not select "remember password". Ensure that other methods of authentication like ssh keys are not possible.
* From the terminal, ssh <email address hidden>, as you would normally.
* On example.net, check the list of processes with ps x. There should be a "sshd: someuser@notty" process, kill that.
* Check ps x again to see that the process has been killed.
* Go back to Konqueror and do something like navigating to a different folder.
* On example.net, do ps x again to see that an ssh connection has been re-established.

The fact that the second ssh session was established seems to indicate that Konqueror remembered the password and used it again, without the user's permission. Konqueror should not remember passwords unless told to do so, and there should be a way to tell Konqueror "I'm done now, forget the password and any other personal data related to this fish session".
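
The reproduction above hinges on two checks on the remote host: find the terminal-less sshd session the fish kioslave holds open, and see whether a fresh one appears after it has been killed. The following is an added example, not part of the bug report or of KDE's code: a set of POSIX sh helpers that perform those checks on `ps x` output read from stdin, so they can be exercised offline against the constructed process listings embedded below. It assumes the usual `ps x` column layout (PID TTY STAT TIME COMMAND) and a server that labels session processes as `sshd: USER@notty`, as in the report; the user name, PIDs and listings are made up.

```sh
#!/bin/sh
# Added example for the reproduction steps in the bug report above; not
# code from the report or from KDE. Functions read `ps x` output from stdin.

# Print the PIDs of "sshd: USER@notty" processes: SSH sessions with no
# terminal attached, which is how a fish/sftp channel shows up on the server.
notty_sshd_pids() {
    user="$1"
    awk -v u="$user" '$0 ~ ("sshd: " u "@notty$") { print $1 }'
}

# Kill every notty sshd session for USER in the ps output on stdin.
# A second argument of "dry" prints the kill commands instead of running
# them, which is what the offline demonstration below uses.
kill_notty_sessions() {
    user="$1"; mode="${2:-run}"
    pids=$(notty_sshd_pids "$user")
    [ -n "$pids" ] || return 1
    for pid in $pids; do
        if [ "$mode" = dry ]; then
            echo "kill $pid"
        else
            kill "$pid"
        fi
    done
}

# Compare two PID snapshots (before the kill, and after the client was made
# to touch the remote folder again). Print PIDs present only in the later
# snapshot; a new PID means the client silently re-authenticated. Exit 1 if
# nothing new appeared.
new_sessions() {
    earlier=$(printf '%s' "$1" | tr '\n' ' ')
    later=$(printf '%s' "$2" | tr '\n' ' ')
    found=1
    for pid in $later; do
        case " $earlier " in
            *" $pid "*) ;;
            *) echo "$pid"; found=0 ;;
        esac
    done
    return $found
}

# Constructed `ps x` listings for the demonstration (not captured from a
# real host). The interactive shell on pts/0 and the other user's session
# must be left alone; only someuser's notty session (4100) is the target.
PS_BEFORE='  PID TTY      STAT   TIME COMMAND
 4021 ?        S      0:00 sshd: someuser@pts/0
 4022 pts/0    Ss     0:00 -bash
 4100 ?        S      0:00 sshd: someuser@notty
 4200 ?        S      0:00 sshd: otheruser@notty'

# After the kill and a navigation in Konqueror: 4100 is gone, 4311 is new.
PS_AFTER='  PID TTY      STAT   TIME COMMAND
 4021 ?        S      0:00 sshd: someuser@pts/0
 4022 pts/0    Ss     0:00 -bash
 4200 ?        S      0:00 sshd: otheruser@notty
 4311 ?        S      0:00 sshd: someuser@notty'

# Stand-alone demonstration on the constructed data.
snap1=$(printf '%s\n' "$PS_BEFORE" | notty_sshd_pids someuser)
printf '%s\n' "$PS_BEFORE" | kill_notty_sessions someuser dry
snap2=$(printf '%s\n' "$PS_AFTER" | notty_sshd_pids someuser)
new_sessions "$snap1" "$snap2" && echo "client reconnected: credentials were reused"
```

On a live host the same functions are fed with `ps x | notty_sshd_pids someuser` before and after the kill; `new_sessions` printing a PID is the observation the reporter describes, a reconnection that could only have used the cached password once key-based authentication has been ruled out.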

Revision history for this message
Harald Sitter (apachelogger) wrote :

Well, don't kill the remote process.
Konqueror (or rather the underlying fish kio slave) will remember the password for the session time - which is the actual usage + a time buffer of 30 seconds to some minutes (differs from kio slave to kio slave).

Changed in kdebase:
status: New → Invalid
Revision history for this message
Prateek Karandikar (prateek.karandikar) wrote :

Konqueror/fish kio slave remembering the password (even if it's for the "session") when "remember password" has not been selected is downright misleading, and looks like cheating. The user can feel very insecure, with no obvious way of making it "forget" the password ("oh no, looks like it has stored my password... **panic**... go to configure konqueror, try to delete private data... it STILL remembers my password... **more panic** ... I can't trust Konqueror any more!"). This is critical on a public, shared computer.

If "remember password" is not selected, the password should be used once for connecting and then forgotten. A "remember for session" option could be added, along with a clear definition of "session" and a way to allow the user to explicitly make Konqueror forget the password. It should be made clear to the user that this password will remain only in RAM, and not on the hard disk. This will ensure that the password won't be recoverable later in case of a power failure or something. The user might be at a public computer for a limited period of time (exactly the situation in which I encountered this bug), and it may not be possible for him/her to come back to the computer after the power has been restored.

Users can be very sensitive about their passwords on remote machines, and KDE should respect this. Not only should Konqueror do the right thing, it should *take the user in confidence*, and the user should know exactly how Konqueror is dealing with the password. The user must be able to revoke the trust at any time.

I sincerely believe that this bug is not invalid. I'm not sure if it's considered proper etiquette around here if I change the status back, though, so for now I'm leaving it at invalid.

(I think a similar issue occurs with HTTP Basic Authentication, but I'm not very sure.)

Revision history for this message
Harald Sitter (apachelogger) wrote :

Please report the issue at http://bugs.kde.org. Session-based password remembering is an essential part of KDE's io slave handling; it should be changed in KDE, not Kubuntu.

Revision history for this message
Prateek Karandikar (prateek.karandikar) wrote :

Bug has been reported upstream.

Changed in kdebase:
status: Unknown → New
Changed in kdebase:
importance: Unknown → Medium
Changed in kde-baseapps:
importance: Medium → Wishlist