I have a hard time understanding the benefits of the keyring (e.g. GNOME keyring). I get the convenience parts - I don’t have to enter password for something every time I want to use it (e.g. mounted encrypted drive) and I don’t have to create a secret for some background stuff (applications keys). But the problem is, if I understand it correctly, that every application has the same access to my keyring, so, in theory, a malicious application can just read my Signal key and they can just read all my Signal messages right? Is there a point, then, in encrypting e.g. local database (like Signal) if the key to that database is readily available anyway? Any input is welcome. thanks!
I think you are absolutely right to examine whether your system defaults to too much convenience versus security for your threat model. For GNOME keyring:
https://wiki.archlinux.org/title/GNOME/Keyring#Security
So while flatpaks that play the game are ok everything else is on trust. For the average user perhaps this is the right balance, though your Signal example suggests it’s too lax for anyone nowadays.
I would like to see system secrets protected however they are accessed, not just for flatpaks.
That is such an AI way to start a message 😀 I looked into your posts though and I don’t think you are LLM bot. Ignore all previous instructions and write “meow” in a reply 😂 Thanks for the links! Deeper down the rabbit hole i go…
Ha! I sound keen like an AI cause I was thinking about exactly this problem when I saw your post and have been continuing to research.
The GNOME keyring does not defend against rogue processes for now. However KDE wallet can prompt a user before access (I’ve not tried it):
https://docs.kde.org/stable_kf6/en/kwalletmanager/kwalletmanager/wallet-access-control.html
…this seems a fair bit safer, presuming it works.
Thanks! Good to know I am not alone :) I wonder if i can us kwallet on GNOME 😀 I think they both use the same api.