pinentry-gtk-2 SIGABRT when unable to grab keyboard

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

pinentry-gtk-2 SIGABRT when unable to grab keyboard

Stanislav Ochotnicky-2
Hi,


we received quite a few bugreports about pinentry-gtk-2 abort-ing when
it's unable to grab keyboard. See:
https://bugzilla.redhat.com/show_bug.cgi?id=554884


I can see why we should be careful when unable to grab keyboard
(passphrase sniffing, accidental input of passphrase to wrong window
etc). But I am also wondering if we can make this better, because let's
face it...crashing on users is not OK under normal circumstances. And
pinentry can be used in situations when it cannot grab keyboard
immediately but has to wait a bit...

Code causing behaviour in question:
if (gdk_keyboard_grab (win->window, FALSE, gdk_event_get_time (event)))
    g_error ("could not grab keyboard");


Abort happens in function grab_keyboard and can quite easily be
reproduced by doing following (from bug #554884):
 1. execute echo getpin | pinentry-gtk-2
 2. change to another workspace using mouse (keyboard is grabbed)
 3. change back to previous workspace using keyboard shortcut


I believe changing workspace should not cause pinentry-gtk-2 to abort
because this could be used for example to change to workspace with
password manager program. There are also other ways to trigger this
behaviour.

I can think of either gracefully exiting pinentry-gtk-2, or even
better...provide some sort of visual clue that there is a problem with
grabbing keyboard and that user should not start typing their password
yet. Myabe I missed some aspect of the problem entirely, so feel free to
enlighten  me.



Regards,

--
Stanislav Ochotnicky <[hidden email]>
Associate Software Engineer - Base Operating Systems Brno

Mobile: +420 775 633 759
Red Hat Inc.                               http://cz.redhat.com



_______________________________________________
Gpa-dev mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gpa-dev

signature.asc (205 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pinentry-gtk-2 SIGABRT when unable to grab keyboard

Werner Koch
On Mon, 26 Apr 2010 14:31, [hidden email] said:

> Code causing behaviour in question:
> if (gdk_keyboard_grab (win->window, FALSE, gdk_event_get_time (event)))
>     g_error ("could not grab keyboard");

The g_error causes the abort.  This is probably because the function
name g_error does not indicate that this is fatal.  It would have been
much better if the gtk folks would have named this g_fatal or g_die.  I
stepped into this trap several times in the past.

Anyway I changed it so that the output will be

OK Your orders please

** (pinentry-gtk-2:20766): CRITICAL **: could not grab keyboard
ERR 83886179 canceled

> I believe changing workspace should not cause pinentry-gtk-2 to abort
> because this could be used for example to change to workspace with
> password manager program. There are also other ways to trigger this

It is actually intended that you can't use a password manager -
gpg-agent is the password manager!  If it would be possible to cut and
paste between windows other programs could do this as well; we try to
make this harder by grabbing the keyboard.  Put "no-grab" into
gpg-agent.conf if you don't like this feature.


Salam-Shalom,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gpa-dev mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gpa-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pinentry-gtk-2 SIGABRT when unable to grab keyboard

Marcus Brinkmann
On 04/26/2010 06:08 PM, Werner Koch wrote:
> It is actually intended that you can't use a password manager -
> gpg-agent is the password manager!

gpg-agent can cache passphrases, but it does not commit them to persistent
storage, and also does not provide a wallet-like functionality.  If it is
intended to replace those, we should add these features.

Thanks,
Marcus

_______________________________________________
Gpa-dev mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gpa-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pinentry-gtk-2 SIGABRT when unable to grab keyboard

Koos Pol-4
In reply to this post by Werner Koch
On maandag 26 april 2010, Werner Koch wrote:

> It is actually intended that you can't use a password manager -
> gpg-agent is the password manager!  If it would be possible to cut and
> paste between windows other programs could do this as well; we try to
> make this harder by grabbing the keyboard.  Put "no-grab" into
> gpg-agent.conf if you don't like this feature.

I miss this dearly. I'd like to use strong passwords generated by KeepassX,
but the inability to copy/paste makes this impossible. Hence I use one easy to
remember password for all my keys. If there is any way around, I'd want to be
the first to know :-)

Cheers,
Koos

--
http://www.malarianomore.org
For $10 a mosquito net + distribution + education + monitoring + evaluation.


_______________________________________________
Gpa-dev mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gpa-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pinentry-gtk-2 SIGABRT when unable to grab keyboard

Werner Koch
In reply to this post by Marcus Brinkmann
On Mon, 26 Apr 2010 21:28, [hidden email] said:

> gpg-agent can cache passphrases, but it does not commit them to persistent
> storage, and also does not provide a wallet-like functionality.  If it is
> intended to replace those, we should add these features.

Good point.


Salam-Shalom,

   Werner

--
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gpa-dev mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gpa-dev
Loading...