Wouter Verhelst
2009-Apr-13 18:31 UTC
[Secure-testing-team] Bug#523933: does not respect the 'do not muck with SSH' option anymore
Package: gnome-keyring
Version: 2.24.1-2
Severity: important
Tags: security

Hi,

Since sometime after the lenny release, gnome-keyring-daemon will always run its half-assed ssh-agent component, even if the /apps/gnome-keyring/daemon-components/ssh gconf option is set to 'false' (which, according to the documentation, is supposed to prevent the ssh component from starting).

Tagging this bug as 'security', since gnome-keyring
- adds all keys to the keyring without asking
- does not respect or support ssh-add's -c option (to require confirmation from the user before handing out a key)
- does not properly support ssh-add's -x option (to lock the agent, preventing any use until ssh-add is called with -X and the _same_ password)
- does not properly support ssh-add's -D option (which removes all keys from the ssh agent). That is, calling ssh-add -D exits without an error message, but the keys are still there.

As such, an attacker who gets hold of the agent socket can access any hosts the user has access to using his keys. This is Very Bad(tm).

Now that isn't a problem as long as I can disable this horribly broken piece of crap; but since I can't, I guess I'll have to get rid of gdm now.
-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: powerpc (ppc)

Kernel: Linux 2.6.26-1-powerpc
Locale: LANG=nl_BE.UTF-8, LC_CTYPE=nl_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages gnome-keyring depends on:
ii  dbus-x11       1.2.12-1   simple interprocess messaging syst
ii  gconf2         2.24.0-7   GNOME configuration database syste
ii  libc6          2.9-4      GNU C Library: Shared libraries
ii  libdbus-1-3    1.2.12-1   simple interprocess messaging syst
ii  libgconf2-4    2.24.0-7   GNOME configuration database syste
ii  libgcrypt11    1.4.4-2    LGPL Crypto library - runtime libr
ii  libglib2.0-0   2.18.4-2   The GLib library of C routines
ii  libgp11-0      2.24.1-2   Glib wrapper library for PKCS#11 -
ii  libgtk2.0-0    2.14.7-4   The GTK+ graphical user interface
ii  libhal1        0.5.11-8   Hardware Abstraction Layer - share
ii  libpango1.0-0  1.22.4-2   Layout and rendering of internatio
ii  libtasn1-3     1.8-1      Manage ASN.1 structures (runtime)

Versions of packages gnome-keyring recommends:
ii  libpam-gnome-keyring  2.24.1-2  PAM module to unlock the GNOME key

gnome-keyring suggests no packages.

-- no debconf information
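Added example, not part of the bug report above: a POSIX shell check that a user or admin can run to find out whether the agent behind $SSH_AUTH_SOCK actually honours `ssh-add -D` (the failure mode the report describes), plus a helper that flags the report's situation of the gconf switch being 'false' while the agent socket still belongs to gnome-keyring. It assumes OpenSSH's ssh-add, whose `ssh-add -l` prints one "bits fingerprint comment (type)" line per key; the /tmp/keyring-*/ssh socket path pattern is an assumption.

```shell
#!/bin/sh
# Added example (not from the bug report). Assumes OpenSSH's ssh-add:
# `ssh-add -l` prints "<bits> <fingerprint> <comment> (<type>)" per key.

# keys_still_loaded BEFORE AFTER
# BEFORE and AFTER are `ssh-add -l` listings taken around an `ssh-add -D`.
# Prints the fingerprints that survived; returns 0 if none did, 1 otherwise.
keys_still_loaded() {
  before_fps=$(printf '%s\n' "$1" | awk 'NF >= 2 { print $2 }')
  after_fps=$(printf '%s\n' "$2" | awk 'NF >= 2 { print $2 }')
  survivors=""
  for fp in $before_fps; do
    for afp in $after_fps; do
      if [ "$fp" = "$afp" ]; then survivors="$survivors $fp"; fi
    done
  done
  if [ -z "$survivors" ]; then return 0; fi
  printf '%s\n' $survivors
  return 1
}

# Live check against the current agent. It really removes every loaded key,
# so run it in a throwaway login session, not the one you work in.
audit_agent_delete() {
  before=$(ssh-add -l 2>/dev/null) || { echo "no agent reachable or no keys loaded"; return 2; }
  ssh-add -D >/dev/null 2>&1 && rc=0 || rc=$?
  after=$(ssh-add -l 2>/dev/null || true)
  if remaining=$(keys_still_loaded "$before" "$after"); then
    echo "OK: agent at $SSH_AUTH_SOCK dropped all keys (ssh-add -D exit status $rc)"
    return 0
  fi
  # The report's case: -D exits silently (status 0) yet the keys are still usable.
  echo "BROKEN: ssh-add -D exit status $rc, but these keys are still loaded:"
  printf '%s\n' "$remaining"
  return 1
}

# Returns 0 when the gconf switch cited in the report is 'false' yet
# SSH_AUTH_SOCK still points into a gnome-keyring directory (path pattern assumed).
gnome_keyring_agent_despite_gconf_off() {
  opt=$(gconftool-2 --get /apps/gnome-keyring/daemon-components/ssh 2>/dev/null)
  case "$SSH_AUTH_SOCK" in
    */keyring-*/ssh) if [ "$opt" = "false" ]; then return 0; fi ;;
  esac
  return 1
}
```

Source the file and call `audit_agent_delete` in a fresh session; a non-zero status with fingerprints listed means the agent ignored the deletion, which is what the report observed.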