Switch iOS to use the Posix login DB |
||||||||||
Issue descriptionThe LoginDatabase on iOS should work as on CrOS -- storing passwords in the database in plain text, relying on the OS-level storage protection. We need to do 2 steps: (1) Change the current behaviour of the LoginDatabase on iOS, which stores only IDs of passwords in the database, and the passwords themselves in the iOS keychain. (2) Move the database code completely upstream, removing any diffs in the downstream copy of Chromium, or special code in the internal iOS repo.
,
Aug 13 2015
This has been discussed with jww@, and tha password manager team, which overlaps with privacy a lot, but still, adding Privacy and Security labels as a FYI to the respective teams. Affected teams, feel free to remove the labels to reduce spam, if you are fine with the plan.
,
Aug 13 2015
@melandory -- given http://crbug.com/507778#c2, feel free to grab this one. But from our recent conversation I believe it is not currently on top of your list, so I kept it with me in case I get to it faster. Did not mean to steal it from you, though, so happy to give it back to you.
,
Aug 14 2015
I won't get to this until back from holiday. @melandory -- don't wait for me if you want to grab this (but it is OK if you don't find time, there is no rush).
,
Oct 6 2015
,
Nov 4 2015
Status update: upstream will be patched to match downstream pretty soon (https://codereview.chromium.org/1237403003/), after that we'll proceed to actually get rid of the iOS-specific code for LoginDatabase and migrate iOS to use the same as Linux and CrOS do.
,
Nov 6 2015
The following revision refers to this bug: https://chrome-internal.googlesource.com/bling/chromium.git/+/e45fbe60367757810e57bdc3d1fbf6c1ac7bc142 commit e45fbe60367757810e57bdc3d1fbf6c1ac7bc142 Author: melandory <melandory@google.com> Date: Fri Nov 06 10:35:07 2015
,
Nov 6 2015
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f1db7f7c45a0e23cafc23f41d50ce607ce87c753 commit f1db7f7c45a0e23cafc23f41d50ce607ce87c753 Author: melandory <melandory@chromium.org> Date: Fri Nov 06 12:46:02 2015 [Password manager IOS upsteaming] Upstreaming login database BUG=520437 Review URL: https://codereview.chromium.org/1237403003 Cr-Commit-Position: refs/heads/master@{#358311} [modify] http://crrev.com/f1db7f7c45a0e23cafc23f41d50ce607ce87c753/components/components_tests.gyp [modify] http://crrev.com/f1db7f7c45a0e23cafc23f41d50ce607ce87c753/components/password_manager.gypi [modify] http://crrev.com/f1db7f7c45a0e23cafc23f41d50ce607ce87c753/components/password_manager/core/browser/login_database.cc [modify] http://crrev.com/f1db7f7c45a0e23cafc23f41d50ce607ce87c753/components/password_manager/core/browser/login_database.h [add] http://crrev.com/f1db7f7c45a0e23cafc23f41d50ce607ce87c753/components/password_manager/core/browser/login_database_ios.cc [add] http://crrev.com/f1db7f7c45a0e23cafc23f41d50ce607ce87c753/components/password_manager/core/browser/login_database_ios_unittest.cc
,
Nov 6 2015
Bug update: Thanks to melandory@'s #7 and #8, the downstream diff for //components/password_manager should disappear completely. The rest of this bug is upstream-only, switching iOS to use the Posix login DB.
,
Nov 24 2015
,
Dec 9 2015
,
Apr 11 2016
,
Apr 21 2016
,
May 31 2016
,
Jun 6 2016
,
Jan 20 2017
For my own record: https://developer.apple.com/library/content/documentation/FileManagement/Conceptual/FileSystemProgrammingGuide/FileSystemOverview/FileSystemOverview.html#//apple_ref/doc/uid/TP40010672-CH2-SW19 is a citation for the protection of Chrome's login database on iOS.
,
Apr 17
Also, https://crbug.com/827073#c9 suggests that `NSFileProtectionComplete` should be the storage class for files with passwords. (Removing melandory@, who switched teams, from Cc.) |
||||||||||
►
Sign in to add a comment |
||||||||||
Comment 1 by vabr@chromium.org
, Aug 13 2015