Re: Password Security

On Wed, Jun 8, 2011 at 11:10 AM, Timo Babst <timo babst epfl ch> wrote:
> Hello, I am using NetworkManager Applet 0.8. It works great except for one
> very annoying thing : there is a checkbox that says "show password" and
> someone (luckily a friend) was able to copy my password just by using this
> little funny feature. Could'nt you make sure that the user has to be root in
> order to view the password? It IS very annoying, since this feature makes
> every password absolutely useless. Sorry to be so direct, but this really is
> a BIG issue for me (and I think it should not be too hard to change it for
> the guy who developped it).

Sorry to be so direct but it doesn't make every password absolutely
useless because it is not common practice for security-sensitive
people to give away their laptops, while logged in even ...

Notice that for connections that have user session scope, only your
account has access to your password, if good job is done then noone
else, (even root) should be able to access it easily.

The best is not to give your laptop to your friend, but if you want to
keep doing this, you can make the connection "system scope" and then
only root can see the password, as you requested.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]