Seahorse issues
Coleman Kane
cokane at cokane.org
Fri Apr 11 16:50:41 UTC 2008
On Fri, 2008-04-11 at 12:14 -0400, Coleman Kane wrote:
> On Fri, 2008-04-11 at 11:54 -0400, Joe Marcus Clarke wrote:
> > On Fri, 2008-04-11 at 10:14 -0400, Coleman Kane wrote:
> > > I removed your earleir patch, which has the side effect of causing
> > > gnome_keyring_memory_try_alloc(size) to act in a manner that violates
> > > its documentation, as well as causing the above bug. I then added the
> > > three patches to security/seahorse which I posted into
> > > http://bugzilla.gnome.org/show_bug.cgi?id=527193 today:
> > > * http://bugzilla.gnome.org/attachment.cgi?id=109055
> > > * http://bugzilla.gnome.org/attachment.cgi?id=109056
> > > * http://bugzilla.gnome.org/attachment.cgi?id=109057
> > >
> > > These three alter the behavior of Seahorse in the manner I described
> > > above, and don't touch gnome-keyring. For all purposes, I *think*
> > > gnome-keyring is acting properly here. The consumer of gnome-keyring
> >
> > You're right. I was hoping to hack g-k in such a way to avoid having to
> > fix other broken consumers in the future. Of course, my approach was
> > very wrong.
>
> Thanks for all the help on this. I've now got evolution working with GPG
> pretty well.
>
> >
> > > (seahorse) should first be testing if the features that it wants to use
> > > are actually provided by the library before it blindingly attempts to
> > > use them. This is, IMHO, why gnome-keyring provides the *_try(...)
> > > versions of its securemem alloc functions.
> >
> > Fixing seahorse is the right thing to do. The bug has been moved into
> > gnome-keyring's court, so you way want to get them to move it back.
> >
>
> I made the change to the bug already.
>
> > >
> > > Additionally, you'll get a seahorse g_warning about unavailable secure
> > > memory now too.
> >
> > Thanks for your work here. Feel free to commit these patches to our
> > seahorse port.
> >
> > Joe
> >
>
> Thanks, I'll do that later this evening when I have some time after
> work.
>
> --
> Coleman Kane
Joe,
Also it would seem that a similar patch should be applied to the
following tools:
- daemon/seahorse-daemon.c
- plugins/applet/seahorse-applet.c
- plugins/nautilus/seahorse-tool.c
- src/main.c (for main "seahorse" program)
So I will also look into patching those before I commit the final bundle
to the port in question. That way we'll have "one PORTREVISION bump to
fix them all".
--
Coleman Kaen
More information about the freebsd-gnome
mailing list