http://bugzilla.suse.com/show_bug.cgi?id=965738 http://bugzilla.suse.com/show_bug.cgi?id=965738#c1 Raymond Wooninck changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |studio@anchev.net Flags| |needinfo?(studio@anchev.net | |) --- Comment #1 from Raymond Wooninck --- Ok. I tried to reproduce this with firefox and chromium-dev (which is close to trunk). As you indicated I just used any credentials to login, but for both browsers I am seeing the same effect. In Firefox, the page is refreshed, but still shows the entered credentials with the following text in red: Невалидно потребителско име или парола. Ако използвате Токен устройство при вход, за парола въведете слято ПИНт на TOKEN и еднократна парола, генерирана от него. При 4 неуспешни опита, достъпът ще бъде блокиран. With the chromium-dev build, I see exactly the same thing happening. Also here the screen is refreshed, entered credentials still shown and the same text in red. This looks more that the stable build of Chromium has an issue that got resolved with a later build. You indicated that you tried it with Chrome as well. Do you know with which build that was ? From the UserAgent, it seems you have tested this with chromium-48.0.2564.82. There is an update available to version 48.0.2564.103, which will be submitted soon to Leap. It would be good to see if you had the same version fro chrome (48.0.2564.82) or that you tested it with the latest chrome (48.0.2564.103), which is available since last week wednesday, but due to tarball unavailability I couldn't build chromium yet. Maybe other distributions are patching chromium, but on openSUSE I am trying to stay as close as possible to the official tarball. Of course it will never be equal to chrome, but it comes very close to it. I find it really weird that Google/Chrome is reacting in this way. I will bring this up in the discussion forum for the chromium packagers. Please let me know about the chromium/chrome versions. -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=965738 http://bugzilla.suse.com/show_bug.cgi?id=965738#c3 --- Comment #3 from George Anchev --- BTW when testing you can switch to English on the bank website, so you can read the messages (top right link on the page) -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=965738 http://bugzilla.suse.com/show_bug.cgi?id=965738#c5 --- Comment #5 from George Anchev --- Thanks for explaining. Then I will wait for the update. -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=965738 http://bugzilla.suse.com/show_bug.cgi?id=965738#c7 --- Comment #7 from George Anchev --- (In reply to Andreas Stieger from comment #6)

Actually, let's test this now. :-) George, could you switch the package to the network:chromium repo and see if this fixes your issue? https://software.opensuse.org/ymp/network:chromium/openSUSE_Leap_42.1/ chromium.ymp?base=openSUSE%3ALeap%3A42.1&query=chromium

Ok, I updated to Version 48.0.2564.103 (64-bit) according to your instruction. Unfortunately the issue remains. -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=965738 http://bugzilla.suse.com/show_bug.cgi?id=965738#c8 --- Comment #8 from Raymond Wooninck --- (In reply to George Anchev from comment #7)

Ok, I updated to Version 48.0.2564.103 (64-bit) according to your instruction. Unfortunately the issue remains.

Ok, I am testing something to see if this is affecting something. Will report on this bugreport if I find something -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=965738 http://bugzilla.suse.com/show_bug.cgi?id=965738#c10 --- Comment #10 from Raymond Wooninck --- (In reply to George Anchev from comment #9)

Thanks.

BTW now Chromium asks me for access to KWallet. How can I prevent this?

Chromium is auto-detecting what is installed on your system. This means that you have a KDE desktop installed. If you do not want to use KWallet to securely store your password, but rather have it in an unprotected way, then you need to change the /usr/lib64/chromium/chromium-generic script and change the --password-store=detect on the last line in --password-store=basic -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=965738 http://bugzilla.suse.com/show_bug.cgi?id=965738#c12 --- Comment #12 from Raymond Wooninck --- (In reply to George Anchev from comment #11)

(In reply to Raymond Wooninck from comment #10)

...

Chromium is auto-detecting what is installed on your system. This means that you have a KDE desktop installed. If you do not want to use KWallet to securely store your password, but rather have it in an unprotected way, then you need to change the /usr/lib64/chromium/chromium-generic script and change the --password-store=detect on the last line in --password-store=basic

Hm. I actually just found and added to ~/.config/kwalletrc

[Auto Deny] mywallet=Chromium,Google Chrome

and now I am not getting the message.

Ok. I guess that the rejection of kwallet would make Chromium fallback on the basic password-store

But what do you mean unprotected? I have "Sync everything" enabled with my Google account. Is that insecure?

These two has nothing to do with each other. Your passwords are still stored on your local computer. This can either happen by using the GNOME keyring, the KDE KWallet or by a local text file. The GNome keyring and KDE KWallet are the ones that are secured and protected by encryption and additional passwords. The local text file however is just an ascii file which can be read by everyone. Regardless of which local password store you choose, if you have the Sync everything active, then it will synchronize also your passwords.

Also is there a way to explicitly point Chromium to use a particular separate wallet and not the one which other apps use?

As indicated the above three choices are available. There are no other options. As that you have a KDE desktop, chromium would go for the kwallet password store which is secure. As indicated you could redirect it to use the basic password store. But why do you not want chromium to store your passwords in kwallet ? What would be against it ? -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=965738 http://bugzilla.suse.com/show_bug.cgi?id=965738#c14 --- Comment #14 from Raymond Wooninck --- (In reply to George Anchev from comment #13)

(In reply to Raymond Wooninck from comment #12)

...

But why do you not want chromium to store your passwords in kwallet ? What would be against it ?

Actually I do want that, as it is encrypted. But in my wallet there are passwords for LAN SSH/SFTP access and I surely don't want the browser to access them as it accesses the same wallet. That's why I am asking if there is a way to use a separate wallet for chromium. But as far as I understand that is impossible?

Well, it will not mix those passwords up :) It will create an new entry in the wallet itself called "Chrome Form Data" and only that entry with the passwords underneath will be synchronized. I hope that you are aware that all KDE based applications have access to the wallet and could theoretically read all passwords. I guess a lot depends on how much do you trust applications. -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=965738 http://bugzilla.suse.com/show_bug.cgi?id=965738#c16 Raymond Wooninck changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(studio@anchev.net | |) --- Comment #16 from Raymond Wooninck --- Hi George, Could you update chromium again ? From the same repository as mentioned by Andreas in comment#6. The version of chromium is still 48.0.2564.103, but running rpm -q chromium should give you chromium-48.0.2564.103-823.1.x86_64. If the upgrade went successful, could you try again to see if this has resolved the bug ? Thanks -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=965738 http://bugzilla.suse.com/show_bug.cgi?id=965738#c18 --- Comment #18 from Raymond Wooninck --- Thanks for the feedback as this confirms my suspicion. Based on feedback and requests in the past we enabled for Chromium to build against certain system libraries instead of the in-source versions. I never actually enabled this for the Beta and Dev builds and therefore I couldn't initially reproduce your issue. As that it worked in the past, I assume that a recent update of ones of these libraries is causing the issue to appear. In order to prevent this issue from happening again, I will build chromium purely against the in-source libraries. I will leave it up to you if you want to revert back to using the chromium builds from the Leap Update repo or that you want to keep this network:chromium repo active. Both will provide the same, except that the network:chromium repository is always a couple of days ahead of the update repo. Thanks for testing. -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=965738 http://bugzilla.suse.com/show_bug.cgi?id=965738#c20 --- Comment #20 from Raymond Wooninck --- Well, You could disable the network:chromium repo, however this will not replace the Chromium you have installed on your system now. Which is good as that the solution is not available outside of the network:chromium repository at this moment. Later today I will submit the fixed version as a maintenance update, but this one will not automatically cause an update on your system. You would require to trigger this manually once the maintenance release is announced. Just keep this in mind :) -- You are receiving this mail because: You are on the CC list for the bug.