pinentry-gtk-2 SIGABRT when unable to grab keyboard

[Stanislav Ochotnicky]

Hi,


we received quite a few bugreports about pinentry-gtk-2 abort-ing when
it's unable to grab keyboard. See:
https://bugzilla.redhat.com/show_bug.cgi?id=554884


I can see why we should be careful when unable to grab keyboard
(passphrase sniffing, accidental input of passphrase to wrong window
etc). But I am also wondering if we can make this better, because let's
face it...crashing on users is not OK under normal circumstances. And
pinentry can be used in situations when it cannot grab keyboard
immediately but has to wait a bit...

Code causing behaviour in question:
if (gdk_keyboard_grab (win->window, FALSE, gdk_event_get_time (event)))
    g_error ("could not grab keyboard");


Abort happens in function grab_keyboard and can quite easily be
reproduced by doing following (from bug #554884):
 1. execute echo getpin | pinentry-gtk-2
 2. change to another workspace using mouse (keyboard is grabbed)
 3. change back to previous workspace using keyboard shortcut


I believe changing workspace should not cause pinentry-gtk-2 to abort
because this could be used for example to change to workspace with
password manager program. There are also other ways to trigger this
behaviour.

I can think of either gracefully exiting pinentry-gtk-2, or even
better...provide some sort of visual clue that there is a problem with
grabbing keyboard and that user should not start typing their password
yet. Myabe I missed some aspect of the problem entirely, so feel free to
enlighten  me.



Regards,

-- 
Stanislav Ochotnicky <sochotnicky at redhat.com>
Associate Software Engineer - Base Operating Systems Brno

Mobile: +420 775 633 759
Red Hat Inc.                               http://cz.redhat.com


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100426/6bc9bcc0/attachment.pgp>