I always thought of the secret as being for things that should not be saved non-encrypted on disk, not for things that should be kept hidden from other applications. And if that is your threat model, you should look into virtual machines.
There are no excuses, this protocol is just terrible: it could have been made much much more secure without any kind of virtualisation or sandboxing.
For example, the kernel could be used[1] to store the secrets in memory and only authorize the userspace process that created it to read it; other processes could request access to a secret and only be given it if you accept.
[1]: https://docs.kernel.org/security/keys/core.html
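The kernel key service linked in [1] already covers the first half of that idea. As an added example (not code from the thread or from any project discussed here), this stores a secret in the process keyring, restricts it to its possessor, and checks that a forked child running as the same user gets EACCES. The description `demo:secret`, the sample secret and the `KR_*` return codes are made up for illustration; the "ask the user before granting access" part is not shown.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#include <linux/keyctl.h>

/* Possessor permission bits, as listed in the kernel keys documentation. */
#define POS_VIEW   0x01000000
#define POS_READ   0x02000000
#define POS_SEARCH 0x08000000

/* Illustrative result codes (not part of any kernel API). */
enum { KR_OK = 0, KR_UNAVAILABLE = 1, KR_LEAK = 2 };

/* Store a secret in this process's keyring, make it possessor-only, then
 * check that a forked child running as the same user cannot read it. */
int keyring_demo(void)
{
    const char secret[] = "constructed-sample-secret"; /* constructed value */
    char buf[64] = {0};
    int status;

    long id = syscall(SYS_add_key, "user", "demo:secret", secret,
                      sizeof secret - 1, KEY_SPEC_PROCESS_KEYRING);
    if (id < 0)
        return KR_UNAVAILABLE; /* e.g. blocked by a container seccomp profile */

    /* Clear all user/group/other bits: only the possessor keeps access. */
    long perm = POS_VIEW | POS_READ | POS_SEARCH;
    if (syscall(SYS_keyctl, KEYCTL_SETPERM, id, perm) < 0)
        return KR_UNAVAILABLE;

    /* The creating process possesses the key and can read it back. */
    long n = syscall(SYS_keyctl, KEYCTL_READ, id, buf, sizeof buf - 1);
    if (n != (long)(sizeof secret - 1) || memcmp(buf, secret, (size_t)n) != 0)
        return KR_UNAVAILABLE;

    /* A child starts without this process keyring, so it lacks possession. */
    pid_t pid = fork();
    if (pid < 0) return KR_UNAVAILABLE;
    if (pid == 0) {
        long r = syscall(SYS_keyctl, KEYCTL_READ, id, buf, sizeof buf);
        _exit(r < 0 && errno == EACCES ? 0 : 1);
    }
    if (waitpid(pid, &status, 0) < 0) return KR_UNAVAILABLE;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? KR_OK : KR_LEAK;
}

int main(void) { printf("keyring_demo -> %d\n", keyring_demo()); return 0; }
```

`KR_UNAVAILABLE` is what to expect inside containers whose seccomp profile blocks `add_key` and `keyctl`.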
That’s exactly what it’s for. Parent is just being rude for no reason.