KeePassDX
KeePassDX copied to clipboard
Kunzisoft
Keepassdx opens .org files by default on Graphene OS
Hi, I would like to intervene, because I am also a grapheneos user. On my pixel, indeed, after creating a file with a .org extension, and attempt to open it, the system proposes the installed file editors, in my case, it proposes the Markdown Markor editor and Keepassdx, it is a normal reaction of android it seems to me.
KeePassDX can handle several types of extensions but also handle files without extension. You just have to install the application that handles .org natively (as @Ilithy says) and to set this application as default in your device settings.
This issue isn't only about .org, kpdx tries to open any (binary?) file without an associated app.
.nomedia.database_uuid*.dat*.mwm*.idx*.0*.traineddata*.exo*.unity3d- ...
Is there any way to stop this and restrict kpdx to kdbx files so you get an "no app for this filetype" message instead of kpdx (which obviously can't be used to open the file).
The purpose of being able to open all file types is that a database file can be renamed to change its extension and hide it from others. Limiting it to .kdbx files would be a regression. You just need to associate the desired extension with an application that can open it.
You just need to associate the desired extension with an application that can open it.
There are nearly infinity extensions. "You just need" does not work here.
The purpose of being able to open all file types is that a database file can be renamed to change its extension and hide it from others.
Security by Obscurity? What's the thread model here?
Hide it from other apps?
My kdbx database on the desktop (create with KeePassXC) can be identified by file as Keepass password database 2.x KDBX without .kdbx, so there seem to be something like a header identifying it as kdbx file.
Limiting it to .kdbx files would be a regression.
Does the android API allow to implement a setting for this in KeePassDX?
This makes no sense to me. If every file extension is potentially to be opened by keepassxc, why isn't it opening every other file extension also?
Thanks,
Dave Mason
Dr Dave Makes Technology Work! 405 E Wetmore Rd. #117 PMB 520 Tucson, AZ 85705 Voice:520.293.2415 Cell:520.907.5340
------- Original Message ------- On Wednesday, August 17th, 2022 at 10:51 AM, rusty-snake @.***> wrote:
You just need to associate the desired extension with an application that can open it.
There are nearly infinity extensions. "You just need" does not work here.
The purpose of being able to open all file types is that a database file can be renamed to change its extension and hide it from others.
Security by Obscurity? What's the thread model here?
Hide it from other apps?
My kdbx database on the desktop (create with KeePassXC) can be identified by file as Keepass password database 2.x KDBX without .kdbx, so there seem to be something like a header identifying it as kdbx file.
Limiting it to .kdbx files would be a regression.
Does the android API allow to implement a setting for this in KeePassDX?
— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you authored the thread.Message ID: @.***>
I think we misunderstood each other. The application does all types under certain conditions, it recognizes :
- The .kdb and .kdbx types, whatever the mime-type
- The mime-types application/octet-stream, application/x-kdb, application/x-kdbx, application/x-keepass
So when I was saying :
The purpose of being able to open all file types is that a database file can be renamed to change its extension and hide it from others. Limiting it to .kdbx files would be a regression.
It meant with the right mime-type obviously, but I had forgotten that the application also handled application/octet-stream, that's where the problem lies.
Here the issue comes from the fact that many programs set a mime-type "application/octet-stream", and some KeePass programs also create files with "application/octet-stream" and not with "application/x-kdb[x]".
https://github.com/Kunzisoft/KeePassDX/blob/0ef574d67525073a6536bd3b0fe554b9190bd599/app/src/main/AndroidManifest.xml#L92
There are nearly infinity extensions. "You just need" does not work here.
If you want to open a file of a particular type, you will have to install the corresponding application anyway, otherwise you will not be able to open it in any case because your goal is not to open all files of different types at the same time.
Security by Obscurity? What's the thread model here? Hide it from other apps?
<dumb_scenario>Imagine a malicious entity that has a new powerful machines and time to brute force an encrypted KeePass file with a not-so-great KDF. This entity has backdoors on many devices because it can and figures it would be nice to test its new quantum processor on encrypted user files. A little script that retrieves .kdbx files from a machine and let's go.</dumb_scenario> Obviously this is a futuristic scenario that is highly unlikely to happen but I'm just answering questions. :D
No kidding, I already improved the file recognition filter, here the problem is that it points to files whose mime-type is binary, so not all file types. But a file without extension or with a different extension (to hide it visually to the user) should also be recognized.
My kdbx database on the desktop (create with KeePassXC) can be identified by file as Keepass password database 2.x KDBX without .kdbx, so there seem to be something like a header identifying it as kdbx file
Indeed, there is a header and a mime-type in the file, the application/octet-stream one was for me necessary to ensure compatibility with other existing KeePass ports. But it's probably time to remove the application/octet-stream support, we'll have to test to know which KeePass applications create files with this mime-type to let them know it's a bug on their side.
Does the android API allow to implement a setting for this in KeePassDX?
No it's not a setting, it's a definition of an intent filter for opening an activity. https://developer.android.com/guide/components/intents-filters
This makes no sense to me. If every file extension is potentially to be opened by keepassxc, why isn't it opening every other file extension also?
I did not test KeePassXC, but a file with the mime-type application/x-kdbx and .whatever extension should be recognized as a KeePass file.
Indeed, there is a header and a mime-type in the file, the application/octet-stream one was for me necessary to ensure compatibility with other existing KeePass ports. But it's probably time to remove the application/octet-stream support, we'll have to test to know which KeePass applications create files with this mime-type to let them know it's a bug on their side.
Sounds good.
Just to bring this up, is it possible to remove application/octet-stream so keepassdx is not opened from a file-manager but open application/octet-stream files via file-chooser?
Just to bring this up, is it possible to remove application/octet-stream so keepassdx is not opened from a file-manager but open application/octet-stream files via file-chooser?
Yes, it is possible, I have removed the intent filter for the file manager recognition. This does not change anything for a manual opening.
Several users tell me that they can't open their files in the usual way anymore, this is because KeePass file mime-types are always recognized as application/octet-stream, so I will rollback (maybe). #1408