Mailinglist Archive: opensuse-bugs (3334 mails)

< Previous Next >
[Bug 977941] deleting stored passswords without warning
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Sat, 07 May 2016 19:03:08 +0000
  • Message-id: <bug-977941-21960-zkpYLEbPGq@http.bugzilla.opensuse.org/>
http://bugzilla.opensuse.org/show_bug.cgi?id=977941
http://bugzilla.opensuse.org/show_bug.cgi?id=977941#c3

Nick Levinson <Nick_Levinson@xxxxxxxxx> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|NORESPONSE |---
Flags|needinfo?(Nick_Levinson@yah |
|oo.com) |

--- Comment #3 from Nick Levinson <Nick_Levinson@xxxxxxxxx> ---
I wasn't logged in till now, so I'm reopening and here's the info.

"By using the openSUSE update-alternatives the password store for Chromium is
changed to utilize Gnome's Keyring. Please be aware that by this change the old
password [sic] are no longer accessible and are also not converted to Gnome's
Keyring." That's for chromium-desktop-gnome 50.0.2661.94-97.1, installed May 4,
2016, as part of OS Updates ("Includes performance, stability and security
improvements."). This was not part of the updates for Chromium, which I forgot
to read this time.

In general: Every few mornings, a software update is made available and I go
through the process. The Software app opens, with the Updates button
preselected. A horizontal bar appears, maybe more than one, offering updates,
often to the OS, sometimes to an app like Chromium. Clicking one of those bars
gets a dialog that lists one or more specific updates, usually numbered,
usually not consecutively. Clicking one of those updates takes me to a rough
description of what that particular update will do, such as fix a security bug
in a certain daemon. I close that dialog. The Software app shows a blue button
at the top of its window that says something like Restart & Install. I click
that button, my laptop warm-reboots, time passes, and then I'm invited to log
into my laptop again, which means it has warm-rebooted again. When an openSuse
desktop reappears, a balloon announcement that software was updated appears. A
button to review the update is included and I click it. The Software app
reopens and sometimes a dialog listing one or more updates appears. Although
the dialog looks like the similar pre-update dialog, it's not the same.
Instead, when I click on one of the one or more entries listing what has been
done, I can see a description of the software package that was updated, such as
a description of a library and what it's for. It is not a description of what
update was performed but of what software the update applied to. But it is in
one of those post-update descriptions of software itself that there is a notice
that old passwords will not be available. Besides the recent one quoted above,
I've seen probably the same wording in the past couple of weeks or so and
probably a bunch of times over the last few months, perhaps as long as I've
been running openSuse 13.2 (I always run in evergreen mode).

Further research: If there's a searchable list of the post-update descriptions
of software packages that were updated sorted by update date, perhaps someone
will find many instances of it. Don't search the pre-update descriptions of
specific updates, because, while the pre-update announcement should mention the
password-loss problem, I think it hasn't ever. Search the post-update
descriptions only, to see how long this has been going on.

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >