search

keepassxreboot / keepassxc

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
https://keepassxc.org/
Other
20.61k stars 1.43k forks source link

Does not respect clearance of recent database history #10817

Closed guidot closed 3 months ago

guidot commented 3 months ago

Overview

Even though I cleared the history of recent databases, KeepassXC keeps remembering at least one of them and wants to open it on next start. And it's not even the most recently used one.

Steps to Reproduce

  1. Have two databases A and B unlocked. A is the one you use daily, B only on rare occasions.
  2. Lock B.
  3. Clear the history of recently used databases.
  4. Shut down KeepassXC.
  5. Restart KeepassXC

Expected Behavior

KeepassXC opens without asking for a password for any of the recently used databases and without listing any recently used database.

Actual Behavior

KeepassXC opens with the unlock dialog for database B. If you cancel that dialog you still see the list of recently used databases. It takes at least another round of clearing the history and restarting for KeepassXC respecting the changes.

Context

This is especially annoying if a secret services client triggers the start of KeepassXC on login and KeepassXC keeps asking for the password for B even though only A is configured for secret services. Related issue. (This happened also years ago, but since I rarely use a second db, I forgot about it.)

KeePassXC - Version 2.7.8 Revision: f6757d3

Qt 5.15.13 Debugging mode is disabled.

Operating system: openSUSE Tumbleweed CPU architecture: x86_64 Kernel: linux 6.9.1-1-default

Enabled extensions:

Cryptographic libraries:

Operating System: Linux Desktop Env: KDE Windowing System: X11

droidmonkey commented 3 months ago

You left B open on application close, which by definition makes it a recently used database and will be opened again. Disable the application setting to remember database history, or don't leave a database open on application close.

guidot commented 3 months ago

But I also cleared the history. Are you saying that the app has a hidden list of what it considers recent which is different from what it shows to the user?

droidmonkey commented 3 months ago

You cleared the history with a database still open therefore you will have history when the application is closed with that database still open.

guidot commented 3 months ago

Ah, I guess I found the culprit: I used the analogy from real life that something locked is also closed, but you call a db open when shown in a tab, even when in locked state, right?

droidmonkey commented 3 months ago

That is correct, "open" means the database file is registered to a tab in the application (we hide tabs when only one is open, but still applies here). "locked" means the database is not decrypted in memory.