GNOME / gnome-keyring · Issue #3 (Closed)
Issue created Jun 25, 2018 by Ghost User@ghost

pam-gnome-keyring.so reveals user's password credential in plaintext form

Dear maintainer,

When I perform a memory dump of the session-child process, the user's login credentials, including the user account and its password, are revealed in plaintext form.

In the 'pam_sm_authenticate' function, the user's password is stored in the heap memory of 'pam_handle->data' in order to unlock the keyring later.

After unlocking the keyring, the PAM module does not free/overwrite the memory area, even though the password is no longer used.

We could thus find the user's login credentials.

This raises concerns over the credential being misused for illegal behavior, such as acquiring the user's session key.

It would be better to clean the heap memory.

The test environment is as follows:

Package: gnome-keyring 3.18.3-0ubuntu2

Architecture: amd64

InstallationMedia: Ubuntu 16.04.4 LTS "Xenial Xerus" - Release amd64 (20180228)

Edited Jun 25, 2018 by Ghost User
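The cleanup the report asks for is a wipe of the password buffer once the unlock step is done, so a later memory dump of the process no longer contains the plaintext. The following is an added example, not gnome-keyring's or the PAM module's own code: `stash_password`, `unlock_with`, `secure_wipe` and `region_has_data` are constructed stand-ins for stashing the password in PAM data, consuming it, scrubbing it, and verifying the scrub. The volatile-pointer loop is used because a plain `memset()` immediately before `free()` can be dropped by the compiler as a dead store.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Scrub a secret once it is no longer needed (constructed helper, not
   gnome-keyring code). The volatile pointer keeps the compiler from
   eliding the stores as dead writes, which a memset() before free()
   may suffer. */
void secure_wipe(void *buf, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)buf;
    while (len--)
        *p++ = 0;
}

/* Returns 1 if any byte in buf is non-zero, 0 if the region is all zero.
   Used here to confirm that a wipe actually happened. */
int region_has_data(const unsigned char *buf, size_t len)
{
    for (size_t i = 0; i < len; i++)
        if (buf[i] != 0)
            return 1;
    return 0;
}

/* Stand-in for the PAM data slot: a heap copy of the password, as the
   report describes for pam_handle data. Constructed model. */
char *stash_password(const char *password)
{
    size_t n = strlen(password) + 1;
    char *copy = malloc(n);
    if (copy)
        memcpy(copy, password, n);
    return copy;
}

/* Stand-in for the keyring unlock step: consume the password (here by
   folding its bytes into a checksum) and return that value. */
unsigned unlock_with(const char *password)
{
    unsigned sum = 0;
    for (const char *c = password; *c; c++)
        sum = sum * 31 + (unsigned char)*c;
    return sum;
}

/* Driver: stash the password, use it for the unlock, then check the
   heap block before and after wiping. Returns 1 if the secret was
   present after use and gone after the wipe, 0 otherwise. The wipe is
   done on the live allocation, before free(), which is where the fix
   requested in the report belongs. */
int demo_wipe_after_use(const char *password)
{
    size_t n = strlen(password) + 1;   /* include the terminator */
    char *stash = stash_password(password);
    if (!stash)
        return 0;

    unlock_with(stash);

    int before = region_has_data((const unsigned char *)stash, n); /* 1 */
    secure_wipe(stash, n);
    int after = region_has_data((const unsigned char *)stash, n);  /* 0 */

    free(stash);
    return before == 1 && after == 0;
}
```

In a real module the wipe goes at the point where the password's last use ends (after the unlock succeeds or fails), and the allocation length, not `strlen()`, should be passed so the terminator and any padding are cleared as well.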