135

There is great function to lock the session/screen (Ctrl+Alt+L for shortcut if not going trought kickoff) but it affects all use.

And we have great Kwallet what stores passwords for applications like kopete, kmail and so on.
But the Kwallet integration has staid somewhere middle what it really should be.

If I have Kwallet closed and I open a kopete. It ask password for Kwallet. If I do not give it it prompts a WLM/ICQ/AOL passwords. If I do not give them, I get Kopete open and I can edit data.

If I do same to Kmail, I get the Kmail open and I can open any data what is locally downloaded (POP, some IMAPS settings and so on) and I can even write emails what gets sended when connection is allowed. So this allows other person to write emails to waiting line and when I come to computer and I press "Get/Send emails" button, they get sended as well.

I would like to see that Kwallet actually LOCKS the application totally. So you can not touch it at all then. You can close it and open it again but it stays locked.
[img]http://img3.imageshack.us/img3/338/lockedll.png[/img]

ps. There is other ideas how to lock the sensitive data from being tampered. This is just a mockup for locking the application UI itself.

Kwallet is a password reminder, not an application locker.
If you want to lock application, you need to set permission in user settings.

"Kwallet is a password reminder, not an application locker."

This is about passwords, not just lockin the application for user not to use it.

There are applications already using Kwallet, like Kopete, Kmail, Konversation, Amarok and Konqueror.

But, the Kwallet does not currently protect the personal files as it should.

As example when you have a Kwallet closed.

When you start Kmail, it ask Kwallet password. If you do not give it, you get pop-up asking password for every account what is configured to Kmail. If you do not give them, you get all the emails in front of you. You can browse all emails what are listed. You get your hands to information easily like your boyfriend/girlfriend emails what she/he has sended and for who. You do not need any password for that. You can even write emails and place them to queued status, so they get sended after the owner comes back and press "send/receive emails". You can do all kind nasty things just without the user password what Kwallet is trying to prehibit any one doing.

Kwallet is to protect password and account information. It should not show any information about account. On Kopete, you get it open but offline. But you can see all the other users who are on the list. You can even open the discussion history easily because you have access to the UI. Not all know how to start grepping your files on home folder.

The Kwallet one most important purpose is to keep your identify save. So no one else can pretend to be you. It fails on Kmail because you can so easily to place emais to be send later and user does not notice it if she/he does not check first "outbox" folder before receive/sends emails or type her/his Kwallet to allow Kmail to do it automatically.

"If you want to lock application, you need to set permission in user settings."

Explain how do you prohibit any other user to see email lists on Kmail, Kopete user lists and so on.

Kwallet even protects on the Amarok the Last.fm and Konqueror usernames. You can not touch those anyway.

I do not care so much about my email username or password if someone already can get to read any of those information who and when has sended emails to me and what I have done.
The Kwallet has then failed to protect my emails because Kmail has no way to block unauthorized access to my mails like Kwallet protects my webmail access by hiding username and password so the mails can even seen.

This is just a mockup for the UI itself when it gets locked. It could be just have a button and not input box to open Kwallet question again.

The data encryption should be done on other way as well, like to block the access to ~/.kde4/share/apps/kmail/mail/sent-mail/cur
That is then other thing how to do that because when you are out of computer, the session locking is enough for that as well the home partition encryption against LiveCD touching.

If you leave computer open and someone else need to do something with it and have access to some of your files (so you can not just offer guest account), you should be able to protect your identity with Kwallet for what purpose it is designed.

Question is, why to protect username and password when anyone can get access to your files without them?
We would not need Kwallet after all anyway because we could always just logout or lock the session by same reasons and store the data by unencrypted way and we would be as save as now even with KWallet.

Fri13 wrote:"Kwallet is a password reminder, not an application locker."

But, the Kwallet does not currently protect the personal files as it should.

As example when you have a Kwallet closed.

When you start Kmail, it ask Kwallet password. If you do not give it, you get pop-up asking password for every account what is configured to Kmail. If you do not give them, you get all the emails in front of you. You can browse all emails what are listed. You get your hands to information easily like your boyfriend/girlfriend emails what she/he has sended and for who. You do not need any password for that.

It is assumed that your boyfriend/girlfriend have their own accounts, password-protected. If you don't take that much care in setting up your system you can't expect your computer to know whether you are yourself or someone else.

Kwallet is to protect password and account information. It should not show any information about account.

If you don't give the password to open the wallet you can't see anything on the protected application pages. If you allow anyone else to use your computer with the wallet open it is you who are compromising security.

The Kwallet one most important purpose is to keep your identify save. So no one else can pretend to be you. It fails on Kmail because you can so easily to place emais to be send later and user does not notice it if she/he does not check first "outbox" folder before receive/sends emails or type her/his Kwallet to allow Kmail to do it automatically.[\quote]

KMail is entirely set up for one user. You need to be logged in as that user. You have to give the information required by your mail host. If your user permissions are set up correctly, and by default they will be, no-one else can read your mail. You appear to be allowing others to use your computer when you are logged in and the wallet open. That is as insecure as you can get.

"If you want to lock application, you need to set permission in user settings."

If you leave computer open and someone else need to do something with it and have access to some of your files (so you can not just offer guest account), you should be able to protect your identity with Kwallet for what purpose it is designed.

Question is, why to protect username and password when anyone can get access to your files without them?
We would not need Kwallet after all anyway because we could always just logout or lock the session by same reasons and store the data by unencrypted way and we would be as save as now even with KWallet.

Simple answer - they can't. You appear to be using your setup without any respect for security. If you don't use user-accounts, password protected, you choose to leave everything insecure. That's your choice. It's not the job of any package, kwallet or any other, to overrule that choice.

It is assumed that your boyfriend/girlfriend have their own accounts, password-protected. If you don't take that much care in setting up your system you can't expect your computer to know whether you are yourself or someone else.

What means that all media files (videos, photos, music etc) should never be stored to one user home directory, but to shared directoriy like /home/shared/ where then are set group access. And place all users to that one. Because others in family need to get hands on to those usually.

If you don't give the password to open the wallet you can't see anything on the protected application pages. If you allow anyone else to use your computer with the wallet open it is you who are compromising security.

That is the problem. The Kwallet is closed and anyone can access to the Kmail and a Kopete account information. Your own username and password for server are not only one what should be protected. But sended/received emails, addresbook and contacts on Kopete with message history.

The Kwallet is not protecting the personal information, just the login information.

"You appear to be using your setup without any respect for security."

Well, I must say that I am paranoid when it comes to security. I do not let my friends to my account if I am not around but I use guest account for them. What I just say are typical things what happens on normal users. I even use myself Ctrl+Alt+L to lock session when there is no one else in same room.

"If you don't use user-accounts, password protected, you choose to leave everything insecure."

That means the Kwallet has no other purpose at all than to protect online/offline functions when it is closed, so a malware could not steal your username/password from konqueror etc. But it's idea to protect your identity even for your friends etc when it is closed has no meaning. Because you should always use other accounts for others persons (as I do myself).
This means we could link the Kwallet to user login so when the KDE4 starts, the Kwallet gets opened. But it has no sense then because we could just forget the whole Kwallet then locking any account information from use and ask them just for second time. Instead we then should only focus to encrypt passwords by default everywhere when the user is not logged in and build sandboxes to every application. So even by example the konqueror tab1 what has suspicious javascript running on it, can not access to tab2 or any user information on the sites.

Just for question, why to use Kwallet to ask password on Kmail start, when no one else would have possibility to open it when using separated accounts and always logging out when someone else comes to computer?
We all could just use unencrypted login information storing and trust encrypted home directory and separated accounts. That is already enough for it so why even have a kwallet support for it to make a one unneeded step?

Same question can be placed to Kopete and even for konqueror. We do not need any encrypted and secure way to store usernames for different webpages because we can always lockout or use session locking. The Kwallet has no purpose at all on then.

The Kwallet would even work better if it would not allow application starting what it is protecting (example kopete and kmail) when the Kwallet is not opened/open with correct password.

Why to protect only the function to get online with kopete or send/receive emails with Kmail while you can see the history, contacts and even read emails and in best situation, send emails as owner, with less change for him/she to notice that when he/she itself does it?

[quote]That is the problem. The Kwallet is closed and anyone can access to the Kmail and a Kopete account information.[\quote]

Just explain to me please how someone else can see any of this when you are not logged in? When you are logged in the information is open to you. When your boyfriend/girlfriend is logged in it is not open to them. So how exactly are they seeing it?

I had very similar Idea, but better:

brainstorm.php?mode=idea&i=82811

My idea is earlier, so I think this idea is duplicate to my one.

Additionally, I understands, it needs deeper integration. We cannot only lock one application - we must also disallow to running new programs(process), when screen/session is locked.

Maybe is a way to realize this one idea in secure way(additional encrypted swap), but it needs to integrate this one idea into kernel.

My idea is also designed to solves problems with screen locker. We don't look application, what does nothink, example only playing movie. If application use us API, it can only tell: I do nothink special - don't look me! When screen is locked, only application displaying/processing secrets or not designed to working with our tool will be locked, for example GUI based debuger tool will be hidden(and now new programs will be runing by dolphin/krunner integration).

No, these ideas are different. Your idea, as best as I can tell, is to exclude certain windows from locking automatically, while this idea is to manually lock the specific window you want. They are dealing with the same problem, but the solution is different so they are different ideas.

Whats the point of locking an application when the user has direct access to the files (eg they could open up the emails directly).

The point of kwallet is that it encrypts information. So your screenshot only makes sense if its keeping the data of kmail encrypted. That isn't a bad idea really, but at some point it starts to make more sense to just do total-disk-encryption or implement a kernel-level security stack that disallows applications from reading data from each other (even if running as the same user). Nokia is implementing the latter for Maemo 6, it does sound like a good idea.

But in my opinion its out of scope for KDE. Would take man-months of infrastructure work before KDE could get involved.

It seams the usage case for this is simple, you allow somebody to use your computer (as such they can ruin your files, etc, but we assume they are not malicious), but want to lock your keychains, however that is pointless atm because if kopete/kmail/etc all stay logged in giving people access to all your online stuff.

A malicious user can still mess with your files and kill your programs but a nosey one can't
1) Send messages as you
2) Read your messages (well they could read pop files or the imap cache manually , but that's a lot of effort and for an online imap account will not work
3) Can't touch files in encrypted folders that are locked by your keychain
4) Can't change your playlist

So while this offers little true security it offers an easy compromise for the desktop (where moving people to a guest account is a bit much).

As a side note this sort of locking will come in useful when playing about with MPX and 2 separate users logged in

Marked as wontfix:
https://bugs.kde.org/show_bug.cgi?id=63207
https://bugs.kde.org/show_bug.cgi?id=114967

Maybe in future, there will be checkpoint/restore functionality working with Wayland apps, so you can hibernate process and crypt hibernation file.