Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Password in non-default keychain are copied to login keychain #2878

Closed
cyberduck opened this issue Jan 11, 2009 · 7 comments
Closed

Password in non-default keychain are copied to login keychain #2878

cyberduck opened this issue Jan 11, 2009 · 7 comments

Comments

@cyberduck
Copy link
Collaborator

@cyberduck cyberduck commented Jan 11, 2009

anonymous created the issue

Passwords already registered in a keychain different from ~/Library/Keychains/login.keychain will be read and copied to ~/Library/Keychains/login.keychain (which defeats the whole point of storing them in a different keychain)

The code to read passwords in keychains different from ~/Library/Keychains/login.keychain was included 1ec8991 in 3.1, in order to fix issue #2001

I only checked this using FTP.

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Jan 12, 2009

@dkocher commented

In 00e64f9.

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Feb 2, 2009

anonymous commented

the issue still exists in 3.1.2. if you log into a ftp-account with password saved in a non-default keychain, login is ok. as soon as you download a file (with open new connection instead of use browser connection) cyberduck tries to save the password in the default keychain again.

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Mar 20, 2009

@dkocher commented

#3057 closed as duplicate.

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Apr 13, 2009

@dkocher commented

Milestone 3.2 deleted

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Nov 26, 2009

76be774 commented

The bug is still there in v3.3 (5552). This one makes it impossible to store passwords securely. Added to unusable SFTP (#12134) make one wonder why Cyberduck has a serious lack of priority for security.

Are things like S3 or Rackspace support really more requested than solid SSH and Keychain support?

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Nov 27, 2009

@dkocher commented

Replying to [comment:7 chocolate.camera@…]:

The bug is still there in v3.3 (5552). This one makes it impossible to store passwords securely.

In 7c19aa2.

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Jan 16, 2010

@dkocher commented

#3336 closed as duplicate.

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

2 participants