Bug 476576

Summary: gnome-keyring-daemon-wrapper continually annoys me
Product: [Fedora] Fedora Reporter: Need Real Name <lsof>
Component: gnome-sessionAssignee: Ray Strode [halfline] <rstrode>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: rawhideCC: jmccann, lsof, rstrode, security-response-team, yaneti
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-01-08 22:09:19 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Need Real Name 2008-12-15 20:25:45 UTC 
When I run ssh-add, gnome-keyring-daemon-wrapper pops up and prompts me for a password.

I could understand this happening if I ssh to a box, but I am not, I am running a completely separate ssh agent, so I don't know why gnome is joining in!
Comment 1 Yanko Kaneti 2008-12-17 14:34:43 UTC 
$ gconftool-2 -s -t bool /apps/gnome-keyring/daemon-components/ssh false

should help you I guess
Comment 2 Need Real Name 2008-12-17 20:21:57 UTC 
Thanks, but I don't want to disable gnome-keyring-daemon, I want it to behave.

I am not sshing to a remote box with no unlocked key available, it would make sense in this case.

What I am doing is using ssh-agent to store an unlocked key. g-k-d should not be interfering in this case. This is why I reported the bug.
Comment 3 Need Real Name 2009-01-02 16:16:01 UTC 
It's just occurred to me that a program unexpectedly asking for the password to my public key might not be simply a bug - it might be a security issue.
Marking as security sensitive.
Comment 4 Tomas Hoger 2009-01-22 15:43:02 UTC 
(In reply to comment #3)
> It's just occurred to me that a program unexpectedly asking for the password to
> my public key might not be simply a bug - it might be a security issue.
> Marking as security sensitive.

This is more an issue of a safe UI design, rather than a real vulnerability.  If you're running untrusted programs that you expect to try to steal sensitive data, you may have bigger problem already.

Marking this public again, so it's easier for anyone to suggest how this can be improved if it's deemed requiring improvement.
Comment 5 Need Real Name 2009-01-22 17:00:04 UTC 
The problem was that of expectations: I am using a command line app (ssh-add), and a gui app pops up asking for a passphrase. Very odd.

It doesn't seem to do this any more, I guess someone changed the behaviour.