Conversation
|
I have experimented with the keyring some time ago and was quite disappointed. The main problem seemed to be that if the user did not have the keyring set up, the workflow for this user was getting quite complicated. What I failed to see was the actual added value from the security side. once the machine is copromised pretty much everything can be taken out of it. |
|
It is definitely better than the current variant. Here are some pros gnome wiki. We get very much complains about this topic. |
|
I would argue that in the case of a single-user laptop the only attack that this thing really protects from is reading the password from the disk (if the disk is not encrypted). Still I have nothing against supporting this but it will require quite a bit of testing. |
|
the way I get the keyring to work is by just setting s_8021x_data['password-flags'] = 1 instead of 0. The rest seems to be done "by magic", the password gets pushed into the keyring and the connection just works. What I remember from my old tests was that after a new install the keyring was not innitiated and this was causing problems as the initialization process started popping up and was conflicting with the rest of the flow. Can you explain why you need all this code? |
|
I have so far tested Ubuntu, Mint (Gnome) and OpenSUSE (both Gnome and KDE). I have set the flags to 1 and it worked with the keyring each time. On new installation the keyring needs to be initialized, this may be a bit confusing for the users. |
2 participants
This is only a first proposal. I want to put the PR up for discussion. With the virtual environment, we could solve the problem with missing pip modules. With the module keyring we could support GNOME Keyring and KWallet.
@twoln What do you think?