      Apr 28, 2019
      Thomas Tempelmann

        This is more of a user's bug report than a call for help with a security API.


        This is the situation:


        I've long used a second keychain, next to the Login keychain, and I made this second keychain the DEFAULT. That means that any newly added keychain items ended up there instead of in the login keychain. My reasoning was that this gave me extra security: Even if someone figured out my Mac's admin password, the person would not automatically get access to most of my Keychain contents, as they were stored in a separate keychain with a SEPARATE password.


        This worked pretty well before Mojave: When I log in, as soon as any app or service wants to access an item from that second keychain, the Unlock Keychain dialog pops up. Once I enter my pw, all the apps that were needing something out of it would continue, now getting access to their items.


        In Mojave, this went horribly wrong:


        At login, apps are still getting blocked until I enter my pw, but once I enter it, this does NOT unlock it for all pending keychain accesses. Instead, I am now asked once for EVERY app and service wanting to access that same keychain. This leads to over 40 such Unlock dialogs I have to confirm individually!


        Here's a video showing the effect: http://files.tempel.org/Various/Mojave%20Login%20Repeated%20Keychain%20Unlock.mov


        I had hoped that this would be a commonly known issue and be fixed by now, but nothing has changed.


        I had long considered reporting this via the bugreporter, but imagine trying to explain this behavior. How shall I describe how to reproduce this? This requires setting up an old system, then getting some services configured in a way that they request the items from the second keychain, then updating, and then hoping it happens. Even me setting up this situation, making sure it is reproducible, might cost me a full day. And then it'll probably be too complicated for the reviewer to reproduce, and the report will never get forwarded to anyone understanding what's going on.


        So, I hope I can reach someone here who would instantly recognize this behavior because, well, the fact that Mojave does not unlock the keychain after the first password input any more must have been a conscious change, right? Though I hope it has been an unintended side effect and could be fixed.