[manage-credentials] should not ask for Launchpad password directly
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
launchpadlib | Fix Released | Undecided | Unassigned |
ubuntu-dev-tools (Ubuntu) | Fix Released | Medium | Unassigned |
Bug Description
Binary package hint: ubuntu-dev-tools
OAuth protects against phishing attacks, but only if we train users not to enter their Launchpad password unless 1) they're in their web browser, and 2) their browser is pointed at *.launchpad.net. Nothing in the OAuth protocol itself prevents phishing; it just makes it possible to educate users.
manage-credentials contains code to get an OAuth credential by, basically, phishing: asking the user for their Launchpad password and logging in for them. manage-credentials doesn't store the user's password or do anything bad with it, but its existence trains users to give their Launchpad password to anyone who asks for it. It also prevents users from making a decision about how much they trust the application they're using.
If it's too difficult to get credentials with launchpadlib, we need to fix launchpadlib. Subverting our security model is not the answer.
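The flow the description asks for, as an added illustration that is not launchpadlib's code nor the fix in the related branches: a constructed in-memory stand-in for Launchpad's three-legged OAuth endpoints, and a consumer that has no parameter through which a password could reach it. The account, password and access-level names are assumed sample values.

```python
import hashlib
import secrets
class OAuthServer:
    """In-memory stand-in for Launchpad's three-legged OAuth endpoints (constructed, not launchpadlib)."""
    ACCESS_LEVELS = {"READ_PUBLIC", "READ_PRIVATE", "WRITE_PUBLIC", "WRITE_PRIVATE"}
    def __init__(self, users):
        # users: constructed sample accounts, name -> password (stored hashed; a real service uses a salted KDF)
        self._users = {u: hashlib.sha256(p.encode()).hexdigest() for u, p in users.items()}
        self._requests = {}      # request token -> consumer name
        self._authorized = {}    # request token -> (user, level)
        self._access = {}        # access token -> (user, level)

    def request_token(self, consumer):
        """Leg 1: the consumer gets an unauthorized request token; no user involvement yet."""
        token = secrets.token_hex(8)
        self._requests[token] = consumer
        return token

    def authorize(self, token, user, password, level):
        """Leg 2: in the browser on *.launchpad.net the user logs in and picks a trust level. Only this endpoint sees the password."""
        if token not in self._requests or level not in self.ACCESS_LEVELS:
            return False
        digest = hashlib.sha256(password.encode()).hexdigest()
        if not secrets.compare_digest(self._users.get(user, ""), digest):
            return False
        self._authorized[token] = (user, level)
        return True

    def access_token(self, token):
        """Leg 3: the consumer swaps the authorized request token for an access token."""
        if token not in self._authorized:
            raise PermissionError("request token was never authorized by the user")
        access = secrets.token_hex(8)
        self._access[access] = self._authorized.pop(token)
        return access

    def whoami(self, access):
        return self._access.get(access)

def consumer_login(server, consumer, open_browser):
    """Consumer side: there is no password parameter; it handles tokens only and hands off to the browser."""
    token = server.request_token(consumer)
    open_browser(token)
    return server.access_token(token)

def demo():
    server = OAuthServer({"alice": "correct horse"})
    # Simulated browser step: alice types her password only on the Launchpad page, never into the tool.
    browser = lambda token: server.authorize(token, "alice", "correct horse", "READ_PUBLIC")
    return server.whoami(consumer_login(server, "manage-credentials", browser))
```

A consumer that skips leg 2 and tries to exchange an unauthorized token gets a PermissionError, which is the property the description relies on: the application cannot obtain a credential without the user's browser-side decision.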
Related branches
- Aaron Bentley (community): Needs Fixing
  - Diff: None lines
- Graham Binns (community): Approve
  - Diff: 391 lines, 8 files modified
    - setup.py (+1/-1)
    - src/launchpadlib/credentials.py (+44/-3)
    - src/launchpadlib/docs/command-line.txt (+1/-1)
    - src/launchpadlib/docs/hosted-files.txt (+1/-1)
    - src/launchpadlib/docs/introduction.txt (+78/-13)
    - src/launchpadlib/docs/people.txt (+1/-0)
    - src/launchpadlib/launchpad.py (+19/-12)
    - src/launchpadlib/testing/helpers.py (+19/-3)
- Abel Deuring (community): Approve (code)
  - Diff: 586 lines, 5 files modified
    - src/launchpadlib/apps.py (+131/-1)
    - src/launchpadlib/bin/launchpad-credentials-console (+54/-0)
    - src/launchpadlib/credentials.py (+37/-17)
    - src/launchpadlib/docs/command-line.txt (+173/-3)
    - src/launchpadlib/testing/helpers.py (+28/-3)
- Gary Poster: Approve
  - Diff: 584 lines, 5 files modified
    - src/launchpadlib/apps.py (+129/-1)
    - src/launchpadlib/bin/launchpad-credentials-console (+54/-0)
    - src/launchpadlib/credentials.py (+37/-17)
    - src/launchpadlib/docs/command-line.txt (+173/-3)
    - src/launchpadlib/testing/helpers.py (+28/-3)
- Edwin Grubbs (community): Approve (code)
  - Diff: 569 lines, 5 files modified
    - src/launchpadlib/apps.py (+45/-0)
    - src/launchpadlib/credentials.py (+219/-0)
    - src/launchpadlib/docs/browser.txt (+5/-1)
    - src/launchpadlib/docs/trusted-client.txt (+160/-0)
    - src/launchpadlib/testing/helpers.py (+89/-0)
Changed in ubuntu-dev-tools (Ubuntu):
- status: Triaged → In Progress
- status: In Progress → Confirmed
Changed in launchpadlib:
- status: New → In Progress
Changed in launchpadlib:
- status: In Progress → Triaged
- summary:
  - manage-credentials should not ask for Launchpad password directly
  + [manage-credentials] should not ask for Launchpad password directly
You're right, this does seem a bit suspicious. From looking at the code, it appears that this part is optional anyway, so perhaps we can just take this out and it'll use the web auth that is already in there? I'd need to test though.
FYI, the code that does the login is approve_application in ubuntutools/lp/libsupport.py