[Bug 1786607] [NEW] gnome-keyring caches PGP password eternally

[Launchpad Bug Tracker]

You have been subscribed to a public bug:

I've been using the program `Pass` to manage my passwords, which uses a
PGP key that I created for this purpose. I began noticing that after my
first use of the passphrase gnome-keyring would cache the passphrase and
no longer request it. This is a security issue as anyone with access to
my machine can gain access to all of my passwords.

I assumed the settings could be tweaked, so I used `dconf-editor` to
edit the `gpg-cache-method` file to use `timeout` instead of the default
setting. I also changed the `gpg-cache-ttl` to 1 second from the
default, which was 300 I believe. I then restarted the keyring with `$
gnome-keyring-daemon -r`.

This successfully reset the keyring and I was prompted for my password.
However, it only worked once. After entering the password, gnome-keyring
cached my password and this survives logging out or restarting the
computer.

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: gnome-keyring 3.28.0.2-1ubuntu1.18.04.1
ProcVersionSignature: Ubuntu 4.15.0-30.32-generic 4.15.18
Uname: Linux 4.15.0-30-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Sat Aug 11 07:38:49 2018
InstallationDate: Installed on 2018-04-26 (106 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180425.1)
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: gnome-keyring
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: gnupg2 (Ubuntu)
     Importance: Low
         Status: New


** Tags: amd64 apport-bug bionic gnome-keyring
-- 
gnome-keyring caches PGP password eternally
https://bugs.launchpad.net/bugs/1786607
You received this bug notification because you are a member of Ubuntu Foundations Bugs, which is subscribed to gnupg2 in Ubuntu.