Ticket #2878 (closed defect: fixed)

Opened 14 months ago

Last modified 8 weeks ago

Password in non-default keychain are copied to login keychain

Reported by: anonymous Owned by: dkocher
Priority: normal Milestone: 3.3.1
Component: core Version: 3.1.2
Severity: normal Keywords: keychain password
Cc:

Description

Passwords already registered in a keychain different from ~/Library/Keychains/login.keychain will be read and copied to ~/Library/Keychains/login.keychain (which defeats the whole point of storing them in a different keychain)

The code to read passwords in keychains different from ~/Library/Keychains/login.keychain was included r4428 in 3.1, in order to fix issue #2001

I only checked this using FTP.

Attachments

Change History

  Changed 14 months ago by dkocher

  • status changed from new to assigned
  • milestone set to 3.1.2

  Changed 14 months ago by dkocher

  • status changed from assigned to closed
  • resolution set to fixed

In r4467.

  Changed 14 months ago by dkocher

  • component changed from ftp to core

  Changed 13 months ago by anonymous

  • status changed from closed to reopened
  • version changed from 3.1.1 to 3.1.2
  • resolution fixed deleted

the issue still exists in 3.1.2. if you log into a ftp-account with password saved in a non-default keychain, login is ok. as soon as you download a file (with open new connection instead of use browser connection) cyberduck tries to save the password in the default keychain again.

  Changed 12 months ago by dkocher

  • milestone changed from 3.1.2 to 3.2

#3057 closed as duplicate.

  Changed 11 months ago by dkocher

  • milestone changed from 3.2 to 3.3

Milestone 3.2 deleted

follow-up: ↓ 8   Changed 4 months ago by chocolate.camera@…

The bug is still there in v3.3 (5552). This one makes it impossible to store passwords securely. Added to unusable SFTP (#185) make one wonder why Cyberduck has a serious lack of priority for security.

Are things like S3 or Rackspace support really more requested than solid SSH and Keychain support?

in reply to: ↑ 7   Changed 3 months ago by dkocher

  • status changed from reopened to closed
  • resolution set to fixed
  • milestone changed from 3.5 to 3.4

Replying to chocolate.camera@…:

The bug is still there in v3.3 (5552). This one makes it impossible to store passwords securely.

In r5590.

  Changed 8 weeks ago by dkocher

  • summary changed from Password in non-default keychain are copied to default one to Password in non-default keychain are copied to login keychain

  Changed 8 weeks ago by dkocher

#3336 closed as duplicate.

Add/Change #2878 (Password in non-default keychain are copied to login keychain)

Author


E-mail address and user name can be saved in the Preferences.


Action
as closed
Next status will be 'reopened'
 
Note: See TracTickets for help on using tickets.