I have a hard time understanding the benefits of the keyring (e.g. GNOME keyring). I get the convenience parts - I don’t have to enter password for something every time I want to use it (e.g. mounted encrypted drive) and I don’t have to create a secret for some background stuff (applications keys). But the problem is, if I understand it correctly, that every application has the same access to my keyring, so, in theory, a malicious application can just read my Signal key and they can just read all my Signal messages right? Is there a point, then, in encrypting e.g. local database (like Signal) if the key to that database is readily available anyway? Any input is welcome. thanks!
KDE requires giving permissions to an app that wants to access kwallet also. I’m sure gnome does something similar.
Giving permission from the user? That would be points for KDE actually. On GNOME I have never been asked, so I doubt it has it.
Yeah - I’ve been asked “application nextcloud wants to access wallet
kdewallet” or something. I think it remembers the app for future requests though.