There is a comprehensive proof-of-concept out there about a design compromise in Apple’s keychain implementation that sacrifices security over usability.
Because OS X automatically unlocks your keychain for your convenience, “the root user is able to read all keychain secrets of logged-in users, unless they take extra steps to protect themselves,” said Juuso Salonen, a software developer from Helsinki, Finland.
The developer is certain Apple is aware of the security implications. He therefore believes the Mac maker “made the bargain intentionally.”
“In OS X, your keychain contains your saved passwords,” Salonen said. “This includes all your email accounts in Mail, passwords stored in Safari, and credentials for accessing known Wi-Fi networks. Because it contains valuable secrets, the keychain is encrypted. It can only be opened with your login password.”
But there is a catch.
“When you log in to OS X, the operating system automatically unlocks your keychain for your convenience. This means that you don’t have to enter your login password every time you want to use your stored passwords,” he said.
The open source proof-of-concept confirms this compromise can suffer from exploitation, “because this is an intentional design decision instead of a security bug.”