Add some improved logic to seahorse to have it gracefully fall back to insecure

memory usage for sensitive storage when gnome-keyring doesn't have the privileges to use mlock(2)/munlock(2). This behavior is much more useful than the ungraceful dereference of a NULL pointer (and subsequent crash of the seahorse programs) that currently is employed. This patch makes seahorse (and seahorse-agent, seahorse-daemon, etc.) warn the user about having to use secure memory so that consumers such as Evolution and other software can make use of seahorse. A larger and more valuable project would be to provide some sort of unprivileged user mlock(2) support in the base system. Some ideas are currently being discussed. Reviewed by: marcus, gnome@, imp Approved by: marcus (gnome)
svn path=/head/; revision=211196
2008-04-13 23:21:20 +00:00 · 2008-04-13 23:21:20 +00:00 · ce20a88849 · 2021-03-31 03:12:20 +00:00
commit ce20a88849
parent 270ad6b9a3
3 changed files with 54 additions and 0 deletions
--- a/security/seahorse/Makefile
+++ b/security/seahorse/Makefile
@ -8,6 +8,7 @@

 PORTNAME=	seahorse
 PORTVERSION=	2.22.1
+PORTREVISION=	1
 CATEGORIES=	security gnome
 MASTER_SITES=	GNOME
 DIST_SUBDIR=	gnome2
--- a/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.c
+++ b/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.c
@ -0,0 +1,42 @@
+--- libseahorse/seahorse-secure-memory.c.orig	2008-04-12 12:09:58.000000000 -0400
+++ libseahorse/seahorse-secure-memory.c	2008-04-12 12:10:05.000000000 -0400
+@@ -97,13 +97,31 @@
+ void
+ seahorse_secure_memory_init ()
+ {
+-    GMemVTable vtable;
+-    
+-    memset (&vtable, 0, sizeof (vtable));
+-    vtable.malloc = switch_malloc;
+-    vtable.realloc = switch_realloc;
+-    vtable.free = switch_free;
+-    vtable.calloc = switch_calloc;
+-    g_mem_set_vtable (&vtable);
+    if (seahorse_try_gk_secure_memory() == TRUE) {
+        GMemVTable vtable;
+
+        memset (&vtable, 0, sizeof (vtable));
+        vtable.malloc = switch_malloc;
+        vtable.realloc = switch_realloc;
+        vtable.free = switch_free;
+        vtable.calloc = switch_calloc;
+        g_mem_set_vtable (&vtable);
+    } else {
+        g_warning ("Unable to allocate secure memory from gnome-keyring.\n");
+        g_warning ("Proceeding with insecure password memory instead.\n");
+    }
+ }
+ 
+gboolean
+seahorse_try_gk_secure_memory ()
+{
+    gpointer p;
+
+    p = gnome_keyring_memory_try_alloc (10);
+    if (p != NULL) {
+        gnome_keyring_memory_free (p);
+        return TRUE;
+    }
+
+    return FALSE;
+}
--- a/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.h
+++ b/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.h
@ -0,0 +1,11 @@
+--- libseahorse/seahorse-secure-memory.h.orig	2008-04-11 09:33:34.000000000 -0400
+++ libseahorse/seahorse-secure-memory.h	2008-04-11 09:34:12.000000000 -0400
+@@ -34,6 +34,7 @@
+     } while (0)
+ 
+ /* This must be called before any glib/gtk/gnome functions */
+-void    seahorse_secure_memory_init         (void);
+void     seahorse_secure_memory_init         (void);
+gboolean seahorse_try_gk_secure_memory      (void);
+ 
+ #endif /* _SEAHORSE_SECURE_MEMORY_H_ */