Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'Apps need unlocked keychain' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Apps need unlocked keychain
Authored by: Telluride on Apr 15, '02 10:28:29AM
I agree with you that Apple has definately overlooked a serious security issue here and should come up with a better model for protecting the keychain. Apparently the keychain has to be unlocked for applications to use it though. If I lock my keychain and then try to run an application which stores the password in the keychain (i.e. Entourage, Adium, iTools, etc) then when I run the application, it asks me for my keychain password so that it can get the stored password. Going back into the Keychain utility reveals that it is no longer locked. I am guessing that Apple's thinking is that if any application can access the stored passwords in the keychain, then any human can as well because the human could just write an application to access it. Therefore they just let the human access it directly. I call out to Apple to SERIOUSLY reconsider their security model here!!! Who uses their computer in a completly closed environment where random people are never walking by? Not me! I constantly think about what could happen if i left my computer sitting by itself for 5 minutes. For me, the best solution at this time is to not leave any important passwords in the Keychain. Furthermore, it is good security practice to have a password protected screen saver running. As far as fixing this problem though, it should not be that hard. Perhaps the keychain could be locked for everything except for an "acceptable application list." Furthermore, you should at least have to enter the keychain password to view the other passwords in the keychain. Finally, all keychain access should be logged so that people can see what's been going on in their system. I plead with you Apple, PLEASE CHANGE THIS!!

[ Reply to This | # ]