bug#29575: 25.3; Secret Service API treats labels as unique

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#29575: 25.3; Secret Service API treats labels as unique

From:	Allen Li
Subject:	bug#29575: 25.3; Secret Service API treats labels as unique
Date:	Tue, 12 Dec 2017 19:41:50 -0800

On Tue, Dec 12, 2017 at 12:35 AM, Michael Albinus
<michael.albinus@gmx.de> wrote:
> Allen Li <vianchielfaura@gmail.com> writes:
>
> Hi Allen,
>
>> Yes, I plan on implementing a personal password manager using the API.
>
> Is it a standalone program, or an Emacs package? In the latter case I
> recommend to try auth-sources.el. It is the default "password manager"
> in Emacs. The Secret Service API is integrated as one backend, although
> there's room for improvement.

I envision a frontend to a password store, so not a password manager
in the sense that Emacs Lisp code calls out to it to retrieve
passwords.  My understanding is that auth-source.el fulfills the
latter role.  I want more something to store secrets that I can recall
interactively through various frontends, one of which would be through
Emacs.

>>> Well, inside the org.freedesktop.Secret.{Service,Collection,Item}
>>> interfaces, an item is identified by an object path. We could extend our
>>> interface to allow both label and object path as item, and to throw away
>>> the "unique label rule" inside collections.
>>
>> That sounds like a better starting idea.  One problem that comes to
>> mind is that the object path could be a valid label value, I think.
>
> That's possible, yes. But I doubt it will happen in reality. At least in
> Emacs we could check, that a label doesn't look like an object path, and
> suppress such items for being considered.
>
>> I don’t think the specification places any guarantees on the object
>> path either, e.g. if another program modifies an Item, does that
>> change the object path from under us?  That would cause race bugs.
>
> secrets.el registers for several signals already, like
> "org.freedesktop.DBus.NameOwnerChanged",
> "org.freedesktop.Secret.Service.CollectionCreated" and
> "org.freedesktop.Secret.Service.CollectionDeleted".
>
> We could also register for the signals
> "org.freedesktop.Secret.Collection.ItemCreated",
> "org.freedesktop.Secret.Collection.ItemDeleted" and
> "org.freedesktop.Secret.Collection.ItemChanged" in order to be notified
> about such changes.
>
> I don't know whether I have sufficient time to work on secrets.el next
> weeks. Would you be interested in providing respective patches for secrets.el?

Sorry, I can’t commit to that.

>
> Best regards, Michael.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#29575: 25.3; Secret Service API treats labels as unique, Allen Li, 2017/12/05
- bug#29575: 25.3; Secret Service API treats labels as unique, Michael Albinus, 2017/12/11
  - bug#29575: 25.3; Secret Service API treats labels as unique, Allen Li, 2017/12/11
    - bug#29575: 25.3; Secret Service API treats labels as unique, Michael Albinus, 2017/12/12
    - bug#29575: 25.3; Secret Service API treats labels as unique, Allen Li <=
    - bug#29575: 25.3; Secret Service API treats labels as unique, Ted Zlatanov, 2017/12/13

Prev by Date: bug#29583: [PATCH] 25.2.50; Allow setting a custom TERM for comint
Next by Date: bug#13399: 24.3.50; Word-wrap can't wrap at zero-width space U-200B
Previous by thread: bug#29575: 25.3; Secret Service API treats labels as unique
Next by thread: bug#29575: 25.3; Secret Service API treats labels as unique
Index(es):
- Date
- Thread