Re: [Evolution] login password

On Mon, 2011-01-17 at 11:01 -0600, Albert Wagner wrote:
And I don't think you need to be particularly "experienced" with them to
let a program use keyrings - it's just an encrypted store of passwords.
My login password allows anyone with access to it, including evolution
developers, to perform actions requiring root permissions.

Er, what?? How do evolution developers have access to your password via
use of the keyring?  They don't, can't, and I suspect you don't
understand are keyrings work.

Even if they did have your username and password, which they don't, how
would that allow "root" permissions?  Unless you are logging in as root,
which you shouldn't.

 Giving you
access to my login password is a severe security breach, and all for
your convenience, not mine. Frankly, I am surprised that you have been
getting away it.  Haven't any other users complained?

I am a user, and have not complained, because there is *nothing* to
complain about.  The GNOME keyring is a part of GNOME for managing
sensitive information - it is encrypted and itself password protected.
You can change the password/pass-phrase on your keyring if you like -
just install the amazing Seahorse application and you can also remove
individual entries from the keyring.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]