[sylpheed:32965] Re: feature request - master password to protect all account passwords
Hiroyuki Yamamoto
hiro-y at kcn.ne.jp
Thu May 7 15:06:11 JST 2009
Hello,
Sorry for the delayed response, because I was away on vacation.
On Sat, 2 May 2009 10:31:29 -0700 (PDT)
stef <stef_204 at yahoo.com> wrote:
>
> --- On Sat, 5/2/09, Bob White <bob at bob-white.com> wrote:
>
> > From: Bob White <bob at bob-white.com>
> > Subject: Re: [sylpheed:32959] Re: feature request - master password to protect all account passwords
> > To: sylpheed at sraoss.jp
> > Cc: stef_204 at yahoo.com, sylpheed at sraoss.jp
> > Date: Saturday, May 2, 2009, 8:48 AM
> > On Sat, 2 May 2009 07:30:51 -0700 (PDT)
> > stef <stef_204 at yahoo.com> wrote:
> >
> > >
> > > Hi,
> > >
> > > Just a quick summary on this security issue:
> > >
> > > Actually there are 2 issues: a) protect against someone gaining
> > > access to Sylpheed by starting it up and doing send/receive.
> > > b) protect against someone reading .sylpheed-2.0/accountrc
> > >
> > > The only things I can think of for a) are:
> > >
> > > 1) Lock my session if I leave my desk at work; for those who do not
> > > use a Desktop Manager (KDE, Gnome, etc.) but only a Window Manager
> > > (fluxbox, Openbox, etc.) it is a bit complicated.
> > >
> > > 2) Protect the .sylpheed-2.0/accountrc file with proper permissions:
> > >
> > > Mine is:
> > > % ls -l .sylpheed-2.0/accountrc
> > > -rw------- 1 stef stef 10641 2009-05-01 00:09 .sylpheed-2.0/accountrc
> > >
> > > But the above doesn't help with anyone gaining access as "myself"
> > > when my box is running but I am away from my desk.
> > >
> > > 3) Do not store the passwords: not a very good option as I check
> > > over 10 accounts and use complex passwords very difficult to
> > > remember. So that would be too inconvenient.
> > >
> > > The model 'passwords behind a password', meaning a master password
> > > that would encrypt/decrypt (or a gpg signature) the
> > > .sylpheed-2.0/accountrc file and then lets Sylpheed read it would
> > > seem to make sense. But developer efforts to implement need to be
> > > considered, as the developer's time might be better served in
> > > focusing on email features rather than security features. Hiro's
> > > feedback on this issue would be nice.
> > >
> > > That summarizes my view of this issue.
> > >
> > > Thanks.
> > >
> >
> > To implement a quasi-secure accountrc file it would be fairly
> > straightforward. Instead of starting sylpheed directly, run a script:
> > 1) decrypt sylpheedrc
> > 2) run sylpheed
> > 3) sylpheed exits -> encrypt sylpheedrc
> >
> > I'm not sure how to implement this with MS Windows. Maybe a Windows
> > expert can tell us. :)
> >
> > Your account passwords are encrypted unless you are actually running
> > sylpheed. Personally, I lock my session when I'm not at the computer.
> > If I forget, it locks with the screensaver after 10 minutes. That
> > seems like enough security for email passwords for me, but I also have
> > little exposure to other people physically accessing my computer.
> >
> > I also use sdm (http://freshmeat.net/projects/sdm) to remember the
> > hundreds of passwords I seem to need (email, web sites, etc.). I never
> > use the same password for two locations.
> >
> >
> > Bob W.
>
> Bob, I guess you have an idea there with the scripting in Linux.
>
> You should be able to do that in Windows as well by using gpg and a
> batch file I believe: write your own script.cmd file and put in there
> the commands. And run it to 1) decrypt and 2) launch Sylpheed
>
> But I don't know if in Windows you can start gpg in command line with
> parameters, etc.--but I don't see why it wouldn't be possible.
>
> It would be a bit convoluted as far as an email client is concerned
> and I thought having an optional Master Password feature (like
> Thunderbird has) would be an improvement in security.
>
> Here's some more info I found:
>
> <http://luxsci.com/blog/master-password-encryption-in-firefox-and-thunderbird.html>
>
> Anyway, I have harped on this issue enough and don't want to wear out
> my welcome....
>
> Perhaps Hiro will have some comments.
Actually I have received many requests about master password feature.
It will be implemented at some point in the future.
Currently I'm thinking how it should be implemented.
My current idea is:
- encrypt passwords with AES-128 (or something) with master password
- accountrc: password=(base64-encoded encrypted password)
(or encrypt the whole accountrc?)
- sylpheedrc: use_master_password=0/1
Of course this doesn't prevent someone gaining access to your computer
and taking a look at already stored e-mails (they are also stored in
plain text).
--
Hiroyuki Yamamoto <hiro-y at kcn.ne.jp>
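The per-password scheme Hiro sketches above (each accountrc password= value replaced by a base64-encoded blob encrypted with AES-128 under a key derived from the master password), worked through as an added, self-contained Go example. This is not Sylpheed code and not Hiro's implementation; it assumes PBKDF2-HMAC-SHA256 for key derivation, AES-128-GCM so that a wrong master password is detected rather than silently yielding garbage, a 16-byte salt and 12-byte nonce stored in front of the ciphertext, and a constructed accountrc sample with a simplified key=value layout. The real accountrc format and whatever Sylpheed eventually ships may differ.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// Assumed parameters for this example (not Sylpheed's).
const (
	saltLen   = 16     // random per-password salt
	keyLen    = 16     // AES-128
	nonceLen  = 12     // default AES-GCM nonce size
	kdfRounds = 100000 // PBKDF2 iterations
)

// pbkdf2SHA256 is PBKDF2 with HMAC-SHA256 (RFC 8018), written out here so
// the example depends only on the standard library.
func pbkdf2SHA256(password, salt []byte, rounds, outLen int) []byte {
	mac := hmac.New(sha256.New, password)
	var out []byte
	for block := uint32(1); len(out) < outLen; block++ {
		mac.Reset()
		mac.Write(salt)
		binary.Write(mac, binary.BigEndian, block) // U1 = PRF(P, S || INT(i))
		u := mac.Sum(nil)
		t := append([]byte(nil), u...)
		for i := 1; i < rounds; i++ { // Uj = PRF(P, Uj-1); T = U1 xor ... xor Uc
			mac.Reset()
			mac.Write(u)
			u = mac.Sum(nil)
			for j := range t {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:outLen]
}

// aeadFor derives the AES-128 key from master password and salt and returns
// an AES-GCM instance for it.
func aeadFor(master string, salt []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(pbkdf2SHA256([]byte(master), salt, kdfRounds, keyLen))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// encryptPassword returns base64(salt || nonce || AES-128-GCM ciphertext),
// the shape a "password=" value would take in accountrc under this scheme.
func encryptPassword(master, plaintext string) (string, error) {
	salt := make([]byte, saltLen)
	nonce := make([]byte, nonceLen)
	if _, err := rand.Read(salt); err != nil {
		return "", err
	}
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	aead, err := aeadFor(master, salt)
	if err != nil {
		return "", err
	}
	blob := append(append(salt, nonce...), aead.Seal(nil, nonce, []byte(plaintext), nil)...)
	return base64.StdEncoding.EncodeToString(blob), nil
}

// decryptPassword reverses encryptPassword. With GCM a wrong master password
// fails authentication instead of producing a garbage password.
func decryptPassword(master, encoded string) (string, error) {
	blob, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return "", err
	}
	if len(blob) < saltLen+nonceLen {
		return "", errors.New("encrypted password too short")
	}
	salt, nonce, ct := blob[:saltLen], blob[saltLen:saltLen+nonceLen], blob[saltLen+nonceLen:]
	aead, err := aeadFor(master, salt)
	if err != nil {
		return "", err
	}
	pt, err := aead.Open(nil, nonce, ct, nil)
	if err != nil {
		return "", errors.New("wrong master password or corrupted entry")
	}
	return string(pt), nil
}

// transformAccountrc rewrites every "password=" value of an accountrc-style
// key=value file, encrypting (encrypt=true) or decrypting it. Other lines
// pass through unchanged and empty passwords stay empty.
func transformAccountrc(master, rc string, encrypt bool) (string, error) {
	lines := strings.Split(rc, "\n")
	for i, line := range lines {
		if !strings.HasPrefix(line, "password=") || line == "password=" {
			continue
		}
		value := strings.TrimPrefix(line, "password=")
		var out string
		var err error
		if encrypt {
			out, err = encryptPassword(master, value)
		} else {
			out, err = decryptPassword(master, value)
		}
		if err != nil {
			return "", fmt.Errorf("line %d: %w", i+1, err)
		}
		lines[i] = "password=" + out
	}
	return strings.Join(lines, "\n"), nil
}

func main() {
	// Constructed sample accountrc; the real file carries many more keys.
	rc := "[Account: 1]\nuser_id=stef\npassword=hunter2\n\n[Account: 2]\nuser_id=stef2\npassword=\n"
	enc, err := transformAccountrc("correct horse battery", rc, true)
	if err != nil {
		panic(err)
	}
	fmt.Println(enc)
	dec, err := transformAccountrc("correct horse battery", enc, false)
	fmt.Println(err == nil && dec == rc)
	_, err = transformAccountrc("wrong master", enc, false)
	fmt.Println(err)
}
```

Two practical points this shows. First, because the salt and nonce travel with each value, every password line can be decrypted independently, which is what lets the client decrypt only in memory at send/receive time; Bob's wrapper-script variant (decrypt the whole file before launch, re-encrypt after exit) instead leaves a plaintext file on disk for the entire session. Second, an authenticated mode means a mistyped master password is reported as an error on the offending line rather than sent to the mail server as a bogus password.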