From ce20a888497a690f8cb8e5166cb39de70eb6ade8 Mon Sep 17 00:00:00 2001
From: Coleman Kane
Date: Sun, 13 Apr 2008 23:21:20 +0000
Subject: Add some improved logic to seahorse to have it gracefully fall back to insecure memory usage for sensitive storage when gnome-keyring doesn't have the privileges to use mlock(2)/munlock(2). This behavior is much more useful than the ungraceful dereference of a NULL pointer (and subsequent crash of the seahorse programs) that currently is employed. This patch makes seahorse (and seahorse-agent, seahorse-daemon, etc.) warn the user about having to use secure memory so that consumers such as Evolution and other software can make use of seahorse. A larger and more valuable project would be to provide some sort of unprivileged user mlock(2) support in the base system. Some ideas are currently being discussed. Reviewed by: marcus, gnome@, imp Approved by: marcus (gnome)
---
 security/seahorse/Makefile | 1 +
 .../patch-libseahorse_seahorse-secure-memory.c | 42 ++++++++++++++++++++++
 .../patch-libseahorse_seahorse-secure-memory.h | 11 ++++++
 3 files changed, 54 insertions(+)
 create mode 100644 security/seahorse/files/patch-libseahorse_seahorse-secure-memory.c
 create mode 100644 security/seahorse/files/patch-libseahorse_seahorse-secure-memory.h
(limited to 'security/seahorse')
diff --git a/security/seahorse/Makefile b/security/seahorse/Makefile
index b0d67bca6f3b..6c5aaaae2811 100644
--- a/security/seahorse/Makefile
+++ b/security/seahorse/Makefile
@@ -8,6 +8,7 @@
 PORTNAME= seahorse
 PORTVERSION= 2.22.1
+PORTREVISION= 1
 CATEGORIES= security gnome
 MASTER_SITES= GNOME
 DIST_SUBDIR= gnome2
diff --git a/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.c b/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.c
new file mode 100644
index 000000000000..4a6300bd26b9
--- /dev/null
+++ b/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.c
@@ -0,0 +1,42 @@
+--- libseahorse/seahorse-secure-memory.c.orig 2008-04-12 12:09:58.000000000 -0400
++++ libseahorse/seahorse-secure-memory.c 2008-04-12 12:10:05.000000000 -0400
+@@ -97,13 +97,31 @@
+ void
+ seahorse_secure_memory_init ()
+ {
+- GMemVTable vtable;
+-
+- memset (&vtable, 0, sizeof (vtable));
+- vtable.malloc = switch_malloc;
+- vtable.realloc = switch_realloc;
+- vtable.free = switch_free;
+- vtable.calloc = switch_calloc;
+- g_mem_set_vtable (&vtable);
++ if (seahorse_try_gk_secure_memory() == TRUE) {
++ GMemVTable vtable;
++
++ memset (&vtable, 0, sizeof (vtable));
++ vtable.malloc = switch_malloc;
++ vtable.realloc = switch_realloc;
++ vtable.free = switch_free;
++ vtable.calloc = switch_calloc;
++ g_mem_set_vtable (&vtable);
++ } else {
++ g_warning ("Unable to allocate secure memory from gnome-keyring.\n");
++ g_warning ("Proceeding with insecure password memory instead.\n");
++ }
+ }
+
++gboolean
++seahorse_try_gk_secure_memory ()
++{
++ gpointer p;
++
++ p = gnome_keyring_memory_try_alloc (10);
++ if (p != NULL) {
++ gnome_keyring_memory_free (p);
++ return TRUE;
++ }
++
++ return FALSE;
++}
diff --git a/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.h b/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.h
new file mode 100644
index 000000000000..354b563ac779
--- /dev/null
+++ b/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.h
@@ -0,0 +1,11 @@
+--- libseahorse/seahorse-secure-memory.h.orig 2008-04-11 09:33:34.000000000 -0400
++++ libseahorse/seahorse-secure-memory.h 2008-04-11 09:34:12.000000000 -0400
+@@ -34,6 +34,7 @@
+ } while (0)
+
+ /* This must be called before any glib/gtk/gnome functions */
+-void seahorse_secure_memory_init (void);
++void seahorse_secure_memory_init (void);
++gboolean seahorse_try_gk_secure_memory (void);
+
+ #endif /* _SEAHORSE_SECURE_MEMORY_H_ */
--
cgit v1.2.3
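Review bot: The `else` branch of `seahorse_secure_memory_init` fails open without telling any caller: the function still returns `void`, so seahorse-agent and seahorse-daemon keep handling passphrases in ordinary pageable memory, and the only trace is two `g_warning` lines that the user of a background process may never see. I would keep the probe result in a file-scope `gboolean` that the UI and agent can query before prompting for a secret, and collapse the message into one call without the trailing newline, which the GLib log handler adds itself: `g_warning ("gnome-keyring could not provide locked memory; passwords will be kept in swappable memory");`. The test is also better written as `if (seahorse_try_gk_secure_memory ()) {`, since a `gboolean` should not be compared with `TRUE`. The probe in `seahorse_try_gk_secure_memory` only shows that one 10-byte request succeeded at start-up, so it deserves a comment such as `/* probe: NULL means gnome-keyring cannot hand out locked pages */`; whether larger requests made later through the switch_* hooks can still fail is not visible in this hunk and should be checked.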
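Review bot: `seahorse_try_gk_secure_memory` is added to the public header although the only caller visible in this commit is `seahorse_secure_memory_init` in the same .c file. As exported it reads like a status query, but it performs a fresh allocation probe on every call and says nothing about whether the vtable was actually installed. Making it `static` in seahorse-secure-memory.c, with a forward declaration above its first use, would keep the interface to the single init function; if it must stay public, document it with `/* Probes gnome-keyring once; does not report whether secure memory is in use */`.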