Removing a remote connection unconditionally reaches out to the secret service even if there aren't any credentials set
To reproduce
- Lock your keyring;
- Create a remote connection (without credentials);
- Remove the remote connection.
- Observe that fragments will request the keyring to be unlocked in order for the connection to be removed.
Relevant dbus-monitor
output when a remote server is removed:
method call time=1649537923.317063 sender=:1.14536 -> destination=org.freedesktop.DBus serial=1 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=Hello
method return time=1649537923.317115 sender=org.freedesktop.DBus -> destination=:1.14536 serial=1 reply_serial=1
string ":1.14536"
signal time=1649537923.317132 sender=org.freedesktop.DBus -> destination=(null destination) serial=4936 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=NameOwnerChanged
string ":1.14536"
string ""
string ":1.14536"
signal time=1649537923.317159 sender=org.freedesktop.DBus -> destination=:1.14536 serial=2 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=NameAcquired
string ":1.14536"
method call time=1649537923.327658 sender=:1.14536 -> destination=org.freedesktop.secrets serial=2 path=/org/freedesktop/secrets; interface=org.freedesktop.Secret.Service; member=OpenSession
string "dh-ietf1024-sha256-aes128-cbc-pkcs7"
variant array of bytes [
b0 fd 29 cf 88 2d 7e d5 90 ba c5 39 ba e7 0f 6f ca b2 3d 1b 47 31 f7
e7 d0 64 3f e3 a6 f6 8a a4 f6 5b 37 74 2f 53 b3 b4 b0 21 30 bf b1 dd
80 23 dd 33 30 12 f9 29 ae 36 35 82 71 df 2b e4 1c 41 1b e9 ec 38 b2
38 2b cf 0f cf 97 6c ea 1d f6 58 8e db 45 a5 a9 7a dd aa f7 a5 d8 01
bc 13 0f 2a 53 44 bf e7 41 3a 87 db 9c 26 35 04 64 09 a0 2e cb 2a 12
d1 25 a3 6f 0f 40 68 12 24 0f 7e a8 66
]
method call time=1649537923.328482 sender=:1.3889 -> destination=org.freedesktop.DBus serial=134 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=AddMatch
string "type='signal',sender='org.freedesktop.DBus',interface='org.freedesktop.DBus',member='NameOwnerChanged',arg0=':1.14536'"
method call time=1649537923.343892 sender=:1.3889 -> destination=org.freedesktop.DBus serial=135 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=GetConnectionUnixProcessID
string ":1.14536"
method return time=1649537923.343962 sender=org.freedesktop.DBus -> destination=:1.3889 serial=36 reply_serial=135
uint32 3174362
method return time=1649537923.349619 sender=:1.3889 -> destination=:1.14536 serial=136 reply_serial=2
variant array of bytes [
74 da 54 93 b5 40 b2 29 96 31 92 13 c4 ca 12 6d 7e d3 ca 74 e0 e2 e0
de ce 4a c3 c9 53 8a bf 92 05 d4 b0 1f b9 7c a9 a9 89 ef bf 2c 2a 8a
8a dd 34 b0 36 05 c6 24 83 d5 0d 76 b3 17 03 0a 88 bf 97 11 c1 6f f1
5f ec 30 a4 64 82 16 bb 0d b6 11 96 72 45 5e c6 f8 6e 85 c7 fd c2 21
c0 4f 89 2a e2 30 5e f8 ed 72 0b 31 25 a4 57 23 3b 3f d9 8e 40 42 e6
6b 4c 75 28 f0 a0 13 b1 b0 ad bd fa 6d
]
object path "/org/freedesktop/secrets/session/f7011dbbab2c40f19224aa06d433c88f"
method call time=1649537923.360259 sender=:1.14536 -> destination=org.freedesktop.secrets serial=3 path=/org/freedesktop/secrets; interface=org.freedesktop.Secret.Service; member=ReadAlias
string "default"
method return time=1649537923.361056 sender=:1.3889 -> destination=:1.14536 serial=137 reply_serial=3
object path "/"
method call time=1649537923.361655 sender=:1.14536 -> destination=org.freedesktop.secrets serial=4 path=/org/freedesktop/secrets; interface=org.freedesktop.Secret.Service; member=CreateCollection
array [
dict entry(
string "org.freedesktop.Secret.Item.Label"
variant string "default"
)
]
string "default"
method return time=1649537923.362471 sender=:1.3889 -> destination=:1.14536 serial=138 reply_serial=4
object path "/"
object path "/org/freedesktop/secrets/prompt/aee53d0ccdcc4de6b4c9c6fe774fd258"
method call time=1649537923.363089 sender=:1.14536 -> destination=org.freedesktop.DBus serial=5 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=AddMatch
string "type='signal',path_namespace='/org/freedesktop/secrets/prompt/aee53d0ccdcc4de6b4c9c6fe774fd258',interface='org.freedesktop.Secret.Prompt',member='Completed'"
method return time=1649537923.363139 sender=org.freedesktop.DBus -> destination=:1.14536 serial=3 reply_serial=5
method call time=1649537923.363481 sender=:1.14536 -> destination=org.freedesktop.secrets serial=6 path=/org/freedesktop/secrets/prompt/aee53d0ccdcc4de6b4c9c6fe774fd258; interface=org.freedesktop.Secret.Prompt; member=Prompt
string ""
signal time=1649537924.889692 sender=:1.3889 -> destination=(null destination) serial=139 path=/org/freedesktop/secrets/prompt/aee53d0ccdcc4de6b4c9c6fe774fd258; interface=org.freedesktop.Secret.Prompt; member=Completed
boolean true
variant object path "/"
method return time=1649537924.889796 sender=:1.3889 -> destination=:1.14536 serial=140 reply_serial=6
signal time=1649537924.890930 sender=org.freedesktop.DBus -> destination=:1.14536 serial=7 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=NameLost
string ":1.14536"
signal time=1649537924.890995 sender=org.freedesktop.DBus -> destination=(null destination) serial=37 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=NameOwnerChanged
string ":1.14536"
string ":1.14536"
string ""
method call time=1649537924.891468 sender=:1.3889 -> destination=org.freedesktop.DBus serial=141 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=RemoveMatch
string "type='signal',sender='org.freedesktop.DBus',interface='org.freedesktop.DBus',member='NameOwnerChanged',arg0=':1.14536'"