'security' Keychain Access

kel1 · August 20, 2013, 6:11pm

Hi,

When I run the following script with valid keychain password, the system asks something like:

with buttons “Allow”, “Deny”, and “Always Allow”:

do shell script "security unlock-keychain -p kcPassword 'MyKeychain.keychain'"
do shell script "security 2>&1 find-generic-password -a kelhome -g"

Is it secure to always allow security access?

Edited: oops, forgot to redirect output to the trash:

do shell script "security unlock-keychain -p kcPassword 'MyKeychain.keychain'"
do shell script "security 2>&1 >/dev/null find-generic-password -a kelhome -g"

Edited: oops again . Forgot the added -w option:

do shell script "security unlock-keychain -p kcPassword 'MyKeychain.keychain'"
set r to (do shell script "security find-generic-password -a kelhome -gw")
display dialog r

Edited: I would think it is secure because you still need the password to unlock the keychain.

Thanks,
kel

Model: MBP
AppleScript: AS 2.2.4
Browser: Safari 536.28.10
Operating System: Mac OS X (10.8)

kel1 · August 21, 2013, 3:47pm

That’s ok. It seems like the password is the important thing. Here’s some documentation:

https://developer.apple.com/library/mac/documentation/Security/Conceptual/keychainServConcepts/02concepts/concepts.html

Thanks anyway,
kel