Mystery keyring password prompts pop up for no reason
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gnome-session (Ubuntu) |
Invalid
|
High
|
Unassigned |
Bug Description
A prompt box periodically pops up for no apparent reason asking me for my default keyring password. If I click Cancel, it re-appears again after a few minutes. There is absolutely no information about what program is asking or why. Is this a phishing scam?!?
I'm marking this as "security vulnerability" because the "mystery" prompt is asking for extremely sensitive information which users should not give out without knowing what program will use it.
* My homedir is not encrypted
* I do use automatic login, but it succeeded and everything works, including network.
* My system has slept/resumed a few times (don't know if that's relevant)
* I use a wired Ethernet connection, not WiFi (so no password is needed for network access).
* I am not running any commands that I know of which use encryption or require access to my private keys.
Since I am not doing anything which actually requires my private key, something is asking to unlock the keyring wrongly;
Or else a background process (or trojan) is trying to communicate with somebody behind my back, using my private keys.
This seems to be new (REGRESSION) as of 15.04, it did not occur before upgrading.
The programs I *am* running are:
* Firefox
* Thunderbird (I typed in it's Master Password previously, and it is working fine)
* Terminals
* A Java based web app (Interactive Brokers Trader Workstation)
/var/log/auth.log contains the following:
<username>: Executing command [USER=root] [TTY=unknown] [CWD=/home/
bus acquired: org.gnome.
Gcr: registering prompter
bus acquired: org.gnome.
Gcr: received BeginPrompting call from callback /org/gnome/
Gcr: preparing a prompt for callback /org/gnome/
Gcr: creating new GcrPromptDialog prompt
Gcr: automatically selecting secret exchange protocol
Gcr: generating public key
Gcr: beginning the secret exchange: [sx-aes-
Gcr: calling the PromptReady method on /org/gnome/
acquired name: org.gnome.
acquired name: org.gnome.
Gcr: returned from the PromptReady method on /org/gnome/
Gcr: received PerformPrompt call from callback /org/gnome/
Gcr: receiving secret exchange: [sx-aes-
Gcr: deriving shared transport key
Gcr: deriving transport key
Gcr: starting password prompt for callback /org/gnome/
Gtk: GtkDialog mapped without a transient parent. This is discouraged.
Gcr: completed password prompt for callback :1.259@
Gcr: sending the secret exchange: [sx-aes-
Gcr: calling the PromptReady method on /org/gnome/
Gcr: returned from the PromptReady method on /org/gnome/
Gcr: received PerformPrompt call from callback /org/gnome/
Gcr: stopping prompting for operation /org/gnome/
Gcr: closing the prompt
ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: gnome-session-bin 3.14.0-2ubuntu5
ProcVersionSign
Uname: Linux 3.19.0-23-generic x86_64
NonfreeKernelMo
ApportVersion: 2.17.2-0ubuntu1.1
Architecture: amd64
CurrentDesktop: Unity
Date: Mon Jul 13 18:56:02 2015
InstallationDate: Installed on 2013-08-06 (707 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
SourcePackage: gnome-session
UpgradeStatus: No upgrade log present (probably fresh install)
information type: | Private Security → Public |
Changed in gnome-session (Ubuntu): | |
importance: | Undecided → High |
I suspect it is Ubuntu One:
Jul 13 17:55:16 hostname org.gnome. keyring. SystemPrompter[ 1889]: Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged. OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error
Jul 13 17:55:18 hostname com.ubuntu.
$ grep "credential error" JournalErrors.txt OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error OneConf[ 1889]: ERROR:oneconf. networksync. ssohandler: credential error
Jul 11 12:49:22 hostname com.ubuntu.
Jul 11 12:49:22 hostname com.ubuntu.
Jul 11 12:49:44 hostname com.ubuntu.
Jul 11 12:49:44 hostname com.ubuntu.
Jul 12 19:08:56 hostname com.ubuntu.
Jul 12 19:14:44 hostname com.ubuntu.
Jul 13 11:34:53 hostname com.ubuntu.
Jul 13 11:38:02 hostname com.ubuntu.
Jul 13 17:50:19 hostname com.ubuntu.
Jul 13 17:55:18 hostname com.ubuntu.
Jul 13 18:17:27 hostname com.ubuntu.
Jul 13 18:44:22 hostname com.ubuntu.
Jul 13 18:50:08 hostname com.ubuntu.
These errors would certainly correspond with "every few minutes" and, if actually accompanied with a dialog box, would be often enough to be insanely frustrating.
If there's something to configure in the system settings | Online Accounts, there might be an easy way to fix this; if not, I might be tempted to try apt-get purge account- plugin- ubuntuone and see what happens from there.