https://bugs.kde.org/show_bug.cgi?id=359451
Bug ID: 359451
Summary: Impossible to use separate wallets for different
applications
Product: frameworks-kwallet
Version: unspecified
Platform: openSUSE RPMs
OS: Linux
Status: UNCONFIRMED
Severity: major
Priority: NOR
Component: general
Assignee: va...@kde.org
Reporter: stu...@anchev.net
CC: kdelibs-b...@kde.org
The documentation of KWallet says it is possible to use separate wallets for
storing local and network passwords. However it does not explain how local and
network are defined. Additionally, although one can create a separate local
wallet, there seems to be no way to tell a program "you should use this
particular wallet" and all programs actually use the main wallet. In other
words - no application ever asks to store/read data in the local wallet.
Practically this means that this function exists just as an idea and not as
something usable.
Why this is a problem:
If one wants to store local (LAN) credentials it makes sense to put those in
the local wallet, separately. For example when using Dolphin in a LAN. But that
is impossible as Dolphin always stores data in the default wallet (as explained
above). So if at the same time one allows a browser (say chromium) to use the
same wallet, this means that the browser gets full access to local passwords
too. And that is a potential security problem. We must be able to isolate
sensitive data per application.
I have tried to search for info without luck. It seems nobody can answer the
question "How to use separate wallets for particular programs". Even asking in
the KDE forum didn't help:
https://forum.kde.org/viewtopic.php?f=225&t=131015
I hope someone familiar with the development of KWallet can look into this and
possibly provide info and/or a fix.
I am using openSUSE Leap 42.1 with Plasma 5. Everything is up to date with the
official repos.
--
You are receiving this mail because:
You are watching all bug changes.
