I would like to request autoconnection of password-manager-service for the authenticator snap.
Authenticator is a two-factor authenticator and requires access to the user’s keyring to store secrets. The app isn’t functional without that access.
Thanks for your consideration
Ken
The standard guidance when snaps request auto-connection to the password-manager-service is as follows:
When connecting the password-manager-service, your snap is able to access all stored secrets, but also your snap’s secrets can be accessed by any other applications with access to the service (including snaps which also have the password-manager-service connected). Since this may not be desirable or obvious to users, in general, we discourage auto-connection of password-manager-service and instead suggest that applications using this interface detect its availability (eg, with snap is-connected password-manager-service) and show a dialog with instructions on how to connect the interface manually (eg, with snap connect, the snap store GUI, etc). Ideally when instructing the user, the details of the access will be explained so the user can make an informed choice. While this is an extra step for the user, if done well the process should provide additional trust that your snap and the system as a whole are working together to keep the user’s passwords secure. Alternatively, the snap may choose to store the secrets outside the keyring in an area private to the snap. -1 to auto-connect.
As such, -1 to auto-connect from me since I really don’t think system-wide 2FA secrets should be automatically accessible to other apps / snaps without the user being able to make a conscious decision in this case.
@alexmurray do you know of any prior art for this? Like a shell script with a zenity dialog? Upstream won’t have any interest in this and without access to the keyring the app just crashes. It would be nice if we had a template snapcraft part that packagers could base this on.
If there isn’t one, I’ll create it. But I’d expect at least one snap would have had to do this in the past.
Looking at other snaps which have requested password-manager-service the best I could find was this by @popey:
Since the user voice is critical due to the sensitive nature of such access if granted as explained, I am -1 then for auto-connect password-manager-service to authenticator.
0 votes for, +2 votes against, not granting auto-connection of password-manager-service to authenticator
