Date: Fri, 11 Apr 2008 12:34:33 -0400 From: Coleman Kane <cokane@cokane.org> To: Joe Marcus Clarke <marcus@marcuscom.com> Cc: gnome@freebsd.org Subject: Re: Seahorse issues Message-ID: <1207931673.48615.6.camel@localhost> In-Reply-To: <1207930492.48615.2.camel@localhost> References: <47FD09AC.2020907@FreeBSD.org> <1207776230.61729.28.camel@shumai.marcuscom.com> <47FD34E8.2000005@FreeBSD.org> <1207872846.87478.38.camel@shumai.marcuscom.com> <47FF66E3.8000304@FreeBSD.org> <47FF722B.109@FreeBSD.org> <1207929297.55415.13.camel@shumai.marcuscom.com> <1207930492.48615.2.camel@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 2008-04-11 at 12:14 -0400, Coleman Kane wrote: > On Fri, 2008-04-11 at 11:54 -0400, Joe Marcus Clarke wrote: > > On Fri, 2008-04-11 at 10:14 -0400, Coleman Kane wrote: > > > I removed your earleir patch, which has the side effect of causing > > > gnome_keyring_memory_try_alloc(size) to act in a manner that violates > > > its documentation, as well as causing the above bug. I then added the > > > three patches to security/seahorse which I posted into > > > http://bugzilla.gnome.org/show_bug.cgi?id=527193 today: > > > * http://bugzilla.gnome.org/attachment.cgi?id=109055 > > > * http://bugzilla.gnome.org/attachment.cgi?id=109056 > > > * http://bugzilla.gnome.org/attachment.cgi?id=109057 > > > > > > These three alter the behavior of Seahorse in the manner I described > > > above, and don't touch gnome-keyring. For all purposes, I *think* > > > gnome-keyring is acting properly here. The consumer of gnome-keyring > > > > You're right. I was hoping to hack g-k in such a way to avoid having to > > fix other broken consumers in the future. Of course, my approach was > > very wrong. > > Thanks for all the help on this. I've now got evolution working with GPG > pretty well. > > > > > > (seahorse) should first be testing if the features that it wants to use > > > are actually provided by the library before it blindingly attempts to > > > use them. This is, IMHO, why gnome-keyring provides the *_try(...) > > > versions of its securemem alloc functions. > > > > Fixing seahorse is the right thing to do. The bug has been moved into > > gnome-keyring's court, so you way want to get them to move it back. > > > > I made the change to the bug already. > > > > > > > Additionally, you'll get a seahorse g_warning about unavailable secure > > > memory now too. > > > > Thanks for your work here. Feel free to commit these patches to our > > seahorse port. > > > > Joe > > > > Thanks, I'll do that later this evening when I have some time after > work. > > -- > Coleman Kane Joe, Also it would seem that a similar patch should be applied to the following tools: - daemon/seahorse-daemon.c - plugins/applet/seahorse-applet.c - plugins/nautilus/seahorse-tool.c - src/main.c (for main "seahorse" program) So I will also look into patching those before I commit the final bundle to the port in question. That way we'll have "one PORTREVISION bump to fix them all". -- Coleman Kaen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1207931673.48615.6.camel>