Ubuntu
gnome-keyring package

New keyring password keeps being reset

Bug #770663 reported by SB
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gnome-keyring (Ubuntu)
Confirmed
Medium
Unassigned

Bug Description

Binary package hint: gnome-keyring

On Natty Beta 2 (all updates as of today 4/26), I wanted to change the password for the "login" keyring in Seahorse so that it would be different from the user password. I entered my old password (identical to the user password) and then entered the new password twice. Then, to test it, I locked the keyring and unlocked it later with my new password. Everything worked as expected.

Then, on restart, I was prompted, as expected, with a screen to unlock my keyring. I unlocked it with my new password and for example connecting to the wifi network worked automatically. But then, just like in bug #745780, after entering the new password, the prompt kept coming up. But as in the bug described, there seemed no harm in canceling the other prompts, so I did.

However, this is where it got interesting (hence the reason for this bug report): upon rebooting again (or logging out and back in, for that matter), the password prompt didn't appear at all anymore. So to figure out what happened, I called up the keyring manager and found my "login" keyring already unlocked (without me entering the password - only the login password, but I had changed the keyring password to be something different). Locking and then trying to unlock it again, I was greeted with a prompt to enter the password, but my new password kept being rejected. But entering my old login password, the keyring was suddenly unlocked.

So I went ahead and repeated the entire procedure of changing the password. As before, on the next login, I was able to unlock my keyring with the new password (plus the excess prompts to enter the password again). To check if this time everything was alright, I called up the keyring manager again and locked and tried to unlock my keyring. This time, it rejected my new password (after accepting it only moments before!), and again the old password worked.

So it seems to me that the problem is the following: at some point, the new password for the "login" keyring gets reset to the user's password. I'm guessing it is related to the bug #745780 mentioned before, as this only happens after canceling the excess prompts after a new login, since on first login, the new password still works to unlock the keyring. But I filed a new bug because I'm not sure if there's not more to this problem.

I'm not sure if I managed to explain myself correctly, it's a really weird problem, and I have no idea why the password would be reset.

Anyhow, if I can contribute any more information, just let me know.

(A limited workaround might be to create a new keyring and make it default and leave the "login" keyring empty. I'll try that tomorrow.)

See original description
SB (stefan-bommer)
visibility: private → public
description: updated
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for using Ubuntu and filing a bug. While I appreciate the care taken to explain the problem, some parts of the process to reproduce the bug are not specific enough (eg "after entering the new password, the prompt kept coming up. But as in the bug described, there seemed no harm in canceling the other prompts, so I did"). Can you provide a reduced test case with specific steps that clearly indicate what you are seeing and what actions you took? Thanks

Changed in gnome-keyring (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
status: New → Incomplete
Revision history for this message
SB (stefan-bommer) wrote :

well, i'll try to be more specific. basically the procedure is the following:

1. changing the password for the "login" keyring
2. logout/login
3. entering the new password in the password prompt -> wireless gets connected (as a sign that the password was correct)
4. however, similar to bug #745780 (and maybe due to the same cause), another prompt comes up saying that the password was wrong (while it must have been right because wifi connected). so i cancel the other prompt.

5a. after the next logout/login, no password prompt comes up. this is because the password has been reset to be the same as the session password. (i checked that several times because locking and unlocking the keyring in the password manager only works with the session password and not with the new one i entered).

5b. the password also gets reset if i don't logout/login again (i.e. stay in the same session after step 4), which i confirmed by just locking and trying to unlock the "login" keyring once more in the password manager, which only worked with the session password.

so, bottom line, my thinking is that the password being reset has something to do with the other password prompt coming up as described in step 4. i don't know if it's the same cause as bug #745780 (i have no idea of the internal workings of the keyring manager) so i filed a new bug instead of just adding it to the description of that bug.

any other things i should add? i couldn't find anything in .xsession-errors related to gnome-keyring (other than some window size issues). any other place i should look?

SB (stefan-bommer)
Changed in gnome-keyring (Ubuntu):
status: Incomplete → Confirmed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thank you for the additional information. I am going to unmark this as a security vulnerability because while this is a bug that should be fixed, it does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy.

Changed in gnome-keyring (Ubuntu):
assignee: Jamie Strandboge (jdstrand) → nobody
importance: Undecided → Medium
security vulnerability: yes → no
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.