Re: #7076 - Keychain access on Mac
| От | Dave Page |
|---|---|
| Тема | Re: #7076 - Keychain access on Mac |
| Дата | |
| Msg-id | CA+OCxoxfbi5YrCGLOZf=KO8hMFRKf6XNQK1WchqvMt8UpHmv7A@mail.gmail.com обсуждение исходный текст |
| Ответ на | #7076 - Keychain access on Mac (Yogesh Mahajan <yogesh.mahajan@enterprisedb.com>) |
| Ответы |
Re: #7076 - Keychain access on Mac
|
| Список | pgadmin-hackers |
On Mon, 5 Aug 2024 at 13:27, Yogesh Mahajan <yogesh.mahajan@enterprisedb.com> wrote:
Hi Hackers,Issue #7076 has been reported by many Mac users. Issue has popped up when python binary version is changed for the pgadmin.To save server passwords, pgadmin uses os level secret storage (in case of Mac it is keyring) and adds an entry for each save password. Whenever the python binary version is changed, keychain (python lib used to access keychain) asks for a password 2 times for accessing each entry. If you have 10 servers, then it will ask for 20 times.To fix the issue, pgadmin will follow the same approach as chrome.1.An encryption key will be auto-generated and will be stored in the keychain.2.Whenever save password request is received, encryption key will be used to encrypt password and encrypted password will be saved in the pgadmin database.3.Similarly, while retrieving the password, encryption will be pulled from the keychain and will be used to decrypt the password.This will reduce password asks to 2 times on python binary version change.
That sounds almost like returning to the way things used to work with the master password, except we auto-generate it, and store that in the keychain. I assume we'd do the same on all platforms, using whatever the equivalent store is on each?
Any idea why it asks for the login password twice per access on macOS?
Dave Page
pgAdmin: https://www.pgadmin.org
В списке pgadmin-hackers по дате отправления: