
Security Considerations? #6

Open
nickpapadonis opened this issue Nov 2, 2018 · 3 comments

Comments

@nickpapadonis

You mention that the "script always asks for the password to unlock your keychain (you recognise the dialog by the Script Editor icon). Since that dialog is not very secure, it is recommended that you change your keychain's password in Keychain.app before exporting your keychain, and restore the original password afterwards."

Do you have further information on the attack vector here? Is it based on:
- Unknown origin of this script?
- AppleScript security vulnerability?
- Memory storage of the password? But then, how would the Keychain app handle this?

I'm trying to keep a portable backup of my Keychain data and was hoping this script would solve this. I'm just concerned about security implications and having to change the Keychain login password every time.

Thanks for the pointers.

@lifepillar (Owner)

Commit f713a2a has introduced an AppleScript dialog that prompts for a keychain's password. That is not a system dialog; it is a dialog under the control of the script. The typed password is stored in a script variable. This means that the password is written to the script process's memory. Since AppleScript does not have explicit memory management, AFAIK it is not possible to control the persistence of the password in memory.

The change was (reluctantly) made to make the script work in High Sierra (and possibly Sierra as well), where Keychain Access kept prompting for passwords regardless of Access Control settings. It seems to me that Mojave has fixed Keychain Access behaviour, so it might be possible to revert that change. I have to check, though.

@nickpapadonis (Author)

nickpapadonis commented Nov 3, 2018 via email

@lifepillar (Owner)

I don't really know. I moved away from Keychain Access a long time ago (that's why I have written this script).
