Re: [Evolution] login password

From: Adam Tauno Williams <awilliam whitemice org>
To: evolution-list gnome org
Subject: Re: [Evolution] login password
Date: Mon, 17 Jan 2011 12:32:18 -0500

On Mon, 2011-01-17 at 11:01 -0600, Albert Wagner wrote:

And I don't think you need to be particularly "experienced" with them to
let a program use keyrings - it's just an encrypted store of passwords.

My login password allows anyone with access to it, including evolution
developers, to perform actions requiring root permissions.


Er, what?? How do evolution developers have access to your password via
use of the keyring?  They don't, can't, and I suspect you don't
understand are keyrings work.

Even if they did have your username and password, which they don't, how
would that allow "root" permissions?  Unless you are logging in as root,
which you shouldn't.

 Giving you
access to my login password is a severe security breach, and all for
your convenience, not mine. Frankly, I am surprised that you have been
getting away it.  Haven't any other users complained?


I am a user, and have not complained, because there is *nothing* to
complain about.  The GNOME keyring is a part of GNOME for managing
sensitive information - it is encrypted and itself password protected.
You can change the password/pass-phrase on your keyring if you like -
just install the amazing Seahorse application and you can also remove
individual entries from the keyring.

Follow-Ups:
- Re: [Evolution] login password
  - From: Albert Wagner

References:
- [Evolution] login password
  - From: Albert Wagner
- Re: [Evolution] login password
  - From: Patrick O'Callaghan
- Re: [Evolution] login password
  - From: Albert Wagner
- Re: [Evolution] login password
  - From: Pete Biggs
- Re: [Evolution] login password
  - From: Albert Wagner

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]