-
-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
support biometrics/ app locking #24
Comments
That's an interesting idea. There is a Flutter plugin for that, so it could be doable: I'm curious, though: how do you secure the file itself? Orgro doesn't store anything so the source file must be accessible through other means; if that's not locked down then adding a lock to Orgro isn't very meaningful. |
while it is true that files.app doesn’t have faceID unlock the way some other applications do (yet), i do like having app locks when possible anyway. My threat model here is overly curious people that I have temporarily loaned my phone to, not anything more truly secure than that until such time as files.app provides real support, perhaps in iOS 14 🤞 |
You could have orgro encrypt sections per #33 and unlock/decrypt a given file's encrypted sections with biometrics (or a passcoce). That way you can store the keys in a safe app-specific storage location. Added suggestion: You could also have orgro insert an elisp block which would decrypt the pgo'd text automatically when org-mode in emacs opens/runs the file. Not sure how to reconcile that with safely storing the key though. Maybe insert a password protected version as a comment within the elisp block and decrypt it? |
I don't see any API, at least in the Flutter package linked above, allowing use of biometrics to encrypt/decrypt or store values. All it offers is getting a boolean representing whether the user was recognized or not. |
``` ══╡ EXCEPTION CAUGHT BY SCHEDULER LIBRARY ╞═════════════════════════════════════════════════════════ The following assertion was thrown during a scheduler callback: Layer OffsetEngineLayer was previously used as oldLayer. Once a layer is used as oldLayer, it may not be used again. Instead, after calling one of the SceneBuilder.push* methods and passing an oldLayer to it, use the layer returned by the method as oldLayer in subsequent frames. 'dart:ui/compositing.dart': Failed assertion: line 110 pos 9: '<optimized out>' Either the assertion indicates an error in the framework itself, or we should provide substantially more information in this error message to help you determine and fix the underlying cause. In either case, please report this assertion by filing a bug on GitHub: https://github.com/flutter/flutter/issues/new?template=2_bug.md When the exception was thrown, this was the stack: #2 _EngineLayerWrapper._debugCheckNotUsedAsOldLayer (dart:ui/compositing.dart:110:9) #3 SceneBuilder.addRetained.<anonymous closure>.recursivelyCheckChildrenUsedOnce (dart:ui/compositing.dart:695:21) #4 List.forEach (dart:core-patch/growable_array.dart:416:8) #5 SceneBuilder.addRetained.<anonymous closure>.recursivelyCheckChildrenUsedOnce (dart:ui/compositing.dart:701:18) #6 SceneBuilder.addRetained.<anonymous closure> (dart:ui/compositing.dart:704:7) #7 SceneBuilder.addRetained (dart:ui/compositing.dart:707:6) #8 Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:671:15) #9 ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13) #10 OffsetLayer.addToScene (package:flutter/src/rendering/layer.dart:1421:5) #11 Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:674:5) #12 ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13) #13 ClipRectLayer.addToScene (package:flutter/src/rendering/layer.dart:1590:5) #14 Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:674:5) #15 ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13) #16 OffsetLayer.addToScene (package:flutter/src/rendering/layer.dart:1421:5) #17 Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:674:5) #18 ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13) #19 OffsetLayer.addToScene (package:flutter/src/rendering/layer.dart:1421:5) #20 Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:674:5) #21 ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13) #22 OffsetLayer.addToScene (package:flutter/src/rendering/layer.dart:1421:5) #23 Layer._addToSceneWithRetainedRendering (package:flutter/src/rendering/layer.dart:674:5) #24 ContainerLayer.addChildrenToScene (package:flutter/src/rendering/layer.dart:1284:13) #25 TransformLayer.addToScene (package:flutter/src/rendering/layer.dart:1914:5) #26 ContainerLayer.buildScene (package:flutter/src/rendering/layer.dart:1097:5) #27 RenderView.compositeFrame (package:flutter/src/rendering/view.dart:231:37) #28 RendererBinding.drawFrame (package:flutter/src/rendering/binding.dart:514:18) #29 WidgetsBinding.drawFrame (package:flutter/src/widgets/binding.dart:869:13) #30 RendererBinding._handlePersistentFrameCallback (package:flutter/src/rendering/binding.dart:375:5) #31 SchedulerBinding._invokeFrameCallback (package:flutter/src/scheduler/binding.dart:1271:15) #32 SchedulerBinding.handleDrawFrame (package:flutter/src/scheduler/binding.dart:1200:9) #33 SchedulerBinding._handleDrawFrame (package:flutter/src/scheduler/binding.dart:1058:5) #34 _invoke (dart:ui/hooks.dart:145:13) #35 PlatformDispatcher._drawFrame (dart:ui/platform_dispatcher.dart:338:5) #36 _drawFrame (dart:ui/hooks.dart:112:31) (elided 2 frames from class _AssertionError) ════════════════════════════════════════════════════════════════════════════════════════════════════ ```
I don't think it makes sense to require biometrics or authentication merely to open the app or view plain text files. But it would make sense to have biometric auth in order to protect e.g. a private key stored in Orgro for decrypting content (see #33). Relevant libraries: |
In iOS 18 you can now set any app to require biometrics in order to open. I think for the purposes of this request it makes a lot more sense as an OS-level feature, so hopefully stock Android will follow suit. |
happy to close this out (for iOS) since ios 18.x does this now already. |
I store personal and confidential information in my org documents.
As an enhancement, would you consider adding support for optionally requiring FaceID/TouchID/device PIN to unlock the app?
The text was updated successfully, but these errors were encountered: